Description
ELSA-2025-2722: krb5 security update (MODERATE)
[1.18.2-31.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
[1.18.2-31]
- Prevent overflow when calculating ulog block size (CVE-2025-24528) Resolves: RHEL-78248
- kdb5_util: fix DB entry flags on modification Resolves: RHEL-56060
Updated packages
Oracle Linux 8
Oracle Linux aarch64
krb5-devel 1.18.2-31.0.1.el8_10
krb5-libs 1.18.2-31.0.1.el8_10
krb5-pkinit 1.18.2-31.0.1.el8_10
krb5-server 1.18.2-31.0.1.el8_10
krb5-server-ldap 1.18.2-31.0.1.el8_10
krb5-workstation 1.18.2-31.0.1.el8_10
libkadm5 1.18.2-31.0.1.el8_10
Oracle Linux x86_64
krb5-devel 1.18.2-31.0.1.el8_10
krb5-libs 1.18.2-31.0.1.el8_10
krb5-pkinit 1.18.2-31.0.1.el8_10
krb5-server 1.18.2-31.0.1.el8_10
krb5-server-ldap 1.18.2-31.0.1.el8_10
krb5-workstation 1.18.2-31.0.1.el8_10
libkadm5 1.18.2-31.0.1.el8_10
Related CVEs
Related vulnerabilities
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.