CVE-2021-37750: 
Kerberos vulnerability analysis and mitigation

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference vulnerability in kdc/dotgsreq.c via a FAST inner body that lacks a server field. The vulnerability was discovered and reported by Joseph Sutton of Catalyst, and was assigned CVE-2021-37750 (MITRE CVE, NVD).

The vulnerability was introduced by commit 39548a5 in the KDC code. Prior to this commit, an error would occur instead of the null dereference. The issue occurs when processing a FAST TGS request with no server field, leading to a NULL pointer dereference in the kdc/dotgsreq.c file. The vulnerability has a CVSS v3.1 Base Score of 6.5 (Medium) with the vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Ubuntu Security).

Successful exploitation of this vulnerability could lead to Denial of Service (DoS) in the Key Distribution Center. The vulnerability affects the availability of the system while having no impact on confidentiality or integrity (StarWind Security).

The vulnerability has been fixed in MIT Kerberos 5 versions 1.18.5 and 1.19.3. The fix involves adding a null check for the server field in the FAST inner body processing code, as implemented in commit d775c95 (GitHub Commit). Organizations are strongly recommended to upgrade to the patched versions.