Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution Center daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication capability is enabled. This could allow a remote attacker to cause a denial of service.