ELSA-2025-1352

Опубликовано: 06 мар. 2025

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2025-1352: krb5 security update (MODERATE)

[1.15.1-55.0.9]

Fixes CVE-2025-24528 , Prevent overflow when calculating ulog block size [Orabug: 37587301]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

krb5-devel

1.15.1-55.0.9.el7_9

krb5-libs

1.15.1-55.0.9.el7_9

krb5-pkinit

1.15.1-55.0.9.el7_9

krb5-server

1.15.1-55.0.9.el7_9

krb5-server-ldap

1.15.1-55.0.9.el7_9

krb5-workstation

1.15.1-55.0.9.el7_9

libkadm5

1.15.1-55.0.9.el7_9

Связанные CVE

CVE-2025-24528

Ссылки на источники

Связанные уязвимости

CVE-2025-24528

ubuntu

5 месяцев назад

In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

CVE-2025-24528

CVSS3: 6.5

redhat

больше 1 года назад

A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.

CVE-2025-24528

debian

[Prevent overflow when calculating ulog block size]

SUSE-SU-2025:0401-1

suse-cvrf

4 месяца назад

Security update for crypto-policies, krb5

SUSE-SU-2025:0351-1

suse-cvrf

4 месяца назад

Security update for krb5