CVE-2025-24528

Источник: debian

EPSS Низкий

Описание

[Prevent overflow when calculating ulog block size]

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
krb5	fixed	1.21.3-5		package
krb5	fixed	1.20.1-2+deb12u3	bookworm	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=2342796
Fixed by: https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0

EPSS

Процентиль: 2%

0.00014

Низкий

Связанные уязвимости

CVE-2025-24528

ubuntu

около 1 года назад

In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

CVE-2025-24528

CVSS3: 6.5

redhat

около 2 лет назад

A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.

SUSE-SU-2025:0401-1

suse-cvrf

12 месяцев назад

Security update for crypto-policies, krb5

SUSE-SU-2025:0351-1

suse-cvrf

около 1 года назад

Security update for krb5

RLSA-2025:7067

rocky

4 месяца назад

Moderate: krb5 security update

EPSS

Процентиль: 2%

0.00014

Низкий