DEBIAN-CVE-2010-4022

DEBIAN-CVE-2010-4022 PUBLISHED CVSS 8.699999809265137 HIGH

The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:14	krb5	0, 0, 0
Debian:12	krb5	0, 0, 0
Debian:13	krb5	0, 0, 0
Debian:11	krb5	0, 0, 0

Timeline

Feb 10, 2011 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2010-4022 advisory

Open in Interactive Console →