CVE-2025-24528

Источник: debian

Описание

[Prevent overflow when calculating ulog block size]

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
krb5	fixed	1.21.3-5		package
krb5	fixed	1.20.1-2+deb12u3	bookworm	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=2342796
Fixed by: https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0

Связанные уязвимости

CVE-2025-24528

ubuntu

5 месяцев назад

In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

CVE-2025-24528

CVSS3: 6.5

redhat

больше 1 года назад

A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.

SUSE-SU-2025:0401-1

suse-cvrf

4 месяца назад

Security update for crypto-policies, krb5

SUSE-SU-2025:0351-1

suse-cvrf

4 месяца назад

Security update for krb5

RLSA-2025:2722

rocky

около 1 месяца назад

Moderate: krb5 security update