PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-40355 MIT CVE debrief

CVE-2026-40355 is a NULL pointer dereference vulnerability in MIT Kerberos 5, specifically in the gss_accept_sec_context() function. An unauthenticated remote attacker can trigger this vulnerability, causing the process to terminate. The vulnerability exists when a NegoEx mechanism is registered in /etc/gss/mech. This issue affects users of MIT Kerberos 5, particularly those with applications using the gss_accept_sec_context() function. The vulnerability has a CVSS score of 5.9 and a severity of MEDIUM.

Vendor
MIT
Product
Kerberos 5
CVSS
MEDIUM 5.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-28
Original CVE updated
2026-07-08
Advisory published
2026-04-28
Advisory updated
2026-07-08

Who should care

Users of MIT Kerberos 5, particularly those who have applications that use the gss_accept_sec_context() function, should be aware of this vulnerability and take steps to mitigate it. This includes reviewing and updating /etc/gss/mech, monitoring for potential attacks, and applying patches as soon as possible. IT administrators and security teams responsible for systems using MIT Kerberos 5 should prioritize this vulnerability based on its MEDIUM severity and potential impact on their systems.

Technical summary

The vulnerability is caused by a NULL pointer dereference in the gss_accept_sec_context() function of MIT Kerberos 5. This function is used to accept a security context, and in certain cases, it can lead to a NULL pointer dereference. An unauthenticated remote attacker can trigger this vulnerability, causing the process to terminate. The vulnerability exists when a NegoEx mechanism is registered in /etc/gss/mech. Affected users should apply patches and review /etc/gss/mech to ensure only necessary mechanisms are registered.

Defensive priority

Medium

Recommended defensive actions

  • Apply the patch from the MIT Kerberos 5 repository
  • Review and update /etc/gss/mech to ensure that only necessary mechanisms are registered
  • Monitor for and respond to potential attacks on the gss_accept_sec_context() function
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-04-28T06:16:03.663Z and was last modified on 2026-07-08T12:48:28.803Z. The NVD entry is currently Analyzed. This vulnerability affects MIT Kerberos 5, specifically versions before 1.22.3. The vulnerability exists in the gss_accept_sec_context() function when a NegoEx mechanism is registered in /etc/gss/mech. Evidence of exploitation is limited, but defenders should verify system logs for potential attacks.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-28T06:16:03.663Z and has not been modified since then. The NVD entry is currently Analyzed.