Описание
ELSA-2025-7067: krb5 security update (MODERATE)
[1.21.1-6.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
[1.21.1-6]
- Prevent overflow when calculating ulog block size (CVE-2025-24528) Resolves: RHEL-76759
[1.21.1-5]
- Support PKCS11 EC client certs in PKINIT Resolves: RHEL-74374
- kdb5_util: fix DB entry flags on modification Resolves: RHEL-56059
- Add ECDH support for PKINIT (RFC5349) Resolves: RHEL-4902
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
krb5-libs
1.21.1-6.0.1.el9
krb5-pkinit
1.21.1-6.0.1.el9
krb5-server
1.21.1-6.0.1.el9
krb5-server-ldap
1.21.1-6.0.1.el9
krb5-workstation
1.21.1-6.0.1.el9
libkadm5
1.21.1-6.0.1.el9
krb5-devel
1.21.1-6.0.1.el9
Oracle Linux x86_64
krb5-libs
1.21.1-6.0.1.el9
krb5-pkinit
1.21.1-6.0.1.el9
krb5-server
1.21.1-6.0.1.el9
krb5-server-ldap
1.21.1-6.0.1.el9
krb5-workstation
1.21.1-6.0.1.el9
krb5-devel
1.21.1-6.0.1.el9
libkadm5
1.21.1-6.0.1.el9
Связанные CVE
Связанные уязвимости
In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.
A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.
