Description
ELSA-2025-9190: ipa security update (IMPORTANT)
[4.12.2-15.0.1.el10_0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Add bind to ipa-server-common Requires [Orabug: 36518596]
[4.12.2-15.el10_0.1]
- Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA
- Resolves: RHEL-89144 kdb: ipadb_get_connection() succeeds but returns null LDAP context
Updated packages
Oracle Linux 10
Oracle Linux aarch64
ipa-client 4.12.2-15.0.1.el10_0.1
ipa-client-common 4.12.2-15.0.1.el10_0.1
ipa-client-encrypted-dns 4.12.2-15.0.1.el10_0.1
ipa-client-epn 4.12.2-15.0.1.el10_0.1
ipa-client-samba 4.12.2-15.0.1.el10_0.1
ipa-common 4.12.2-15.0.1.el10_0.1
ipa-selinux 4.12.2-15.0.1.el10_0.1
ipa-selinux-luna 4.12.2-15.0.1.el10_0.1
ipa-selinux-nfast 4.12.2-15.0.1.el10_0.1
ipa-server 4.12.2-15.0.1.el10_0.1
ipa-server-common 4.12.2-15.0.1.el10_0.1
ipa-server-dns 4.12.2-15.0.1.el10_0.1
ipa-server-encrypted-dns 4.12.2-15.0.1.el10_0.1
ipa-server-trust-ad 4.12.2-15.0.1.el10_0.1
python3-ipaclient 4.12.2-15.0.1.el10_0.1
python3-ipalib 4.12.2-15.0.1.el10_0.1
python3-ipaserver 4.12.2-15.0.1.el10_0.1
python3-ipatests 4.12.2-15.0.1.el10_0.1
Oracle Linux x86_64
ipa-client 4.12.2-15.0.1.el10_0.1
ipa-client-common 4.12.2-15.0.1.el10_0.1
ipa-client-encrypted-dns 4.12.2-15.0.1.el10_0.1
ipa-client-epn 4.12.2-15.0.1.el10_0.1
ipa-client-samba 4.12.2-15.0.1.el10_0.1
ipa-common 4.12.2-15.0.1.el10_0.1
ipa-selinux 4.12.2-15.0.1.el10_0.1
ipa-selinux-luna 4.12.2-15.0.1.el10_0.1
ipa-selinux-nfast 4.12.2-15.0.1.el10_0.1
ipa-server 4.12.2-15.0.1.el10_0.1
ipa-server-common 4.12.2-15.0.1.el10_0.1
ipa-server-dns 4.12.2-15.0.1.el10_0.1
ipa-server-encrypted-dns 4.12.2-15.0.1.el10_0.1
ipa-server-trust-ad 4.12.2-15.0.1.el10_0.1
python3-ipaclient 4.12.2-15.0.1.el10_0.1
python3-ipalib 4.12.2-15.0.1.el10_0.1
python3-ipaserver 4.12.2-15.0.1.el10_0.1
python3-ipatests 4.12.2-15.0.1.el10_0.1
Related CVEs
Related vulnerabilities
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.