
47 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in krb5

The RADIUS protocol, as described in RFC 2865, is vulnerable to forgery attacks by local attackers who can modify any valid response—whether an Access-Accept, Access-Reject, or Access-Challenge response—into any other response, using a chosen-prefix collision attack against the MD5 Response...

CVSS: 9 | AI score: 7.8 | EPSS: 0.14859
Exploits: 2 | References: 2

OSV
added 2026/05/22 2:59 p.m. | 7 views

CLSA-2026-1779461988 krb5: Fix of 3 CVEs

CVE-2024-3596: generate and verify Message-Authenticator MACs in libkrad to mitigate the BlastRADIUS attack on the RADIUS protocol; includes follow-up fix for uninitialized pointer dereference in krad_packet_decode_request - CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap...

CVSS: 9.1 | AI score: 6 | EPSS: 0.14859
Exploits: 2 | References: 1

OSV
added 2026/05/12 7:56 a.m. | 6 views

SUSE-SU-2026:1816-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). - CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367)...

CVSS: 5.9 | AI score: 5.8 | EPSS: 0.00461
Exploits: 0 | References: 5

OSV
added 2026/04/28 7:16 a.m. | 7 views

UBUNTU-CVE-2026-40356

In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

CVSS: 5.9 | AI score: 5.8 | EPSS: 0.0046
Exploits: 0 | References: 2

OSV
added 2026/04/28 6:16 a.m. | 7 views

UBUNTU-CVE-2026-40355

In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message...

CVSS: 5.9 | AI score: 5.8 | EPSS: 0.00461
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:00 a.m. | 2 views

MiracleLinux 8 : krb5-1.18.2-27.el8 (AXSA:2024-8170:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8170:01 advisory. krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c (CVE-2024-26458) krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (CVE-2024-26461) Tenable has...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.01128
Exploits: 2 | References: 3

Tenable Nessus
added 2026/01/20 12:00 a.m. | 5 views

MiracleLinux 7 : krb5-1.15.1-55.0.1.el7.AXS7 (AXSA:2024-8882:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8882:05 advisory. CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application CVE-2024-37371: fix...

CVSS: 9.1 | AI score: 8.3 | EPSS: 0.01863
Exploits: 0 | References: 3

OSV
added 2025/12/09 12:00 a.m. | 1 view

OPENSUSE-SU-2025:15803-1 krb5-1.22.1-1.1 on GA media

These are all security issues fixed in the krb5-1.22.1-1.1 package on the GA media of openSUSE Tumbleweed...

AI score: 5.8
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-3044

Malware in sbrugna...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.04784
Exploits: 0 | References: 10

Tenable Nessus
added 2025/09/08 12:00 a.m. | 9 views

Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2025-1173)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1173 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.00606
Exploits: 0 | References: 6

OSV
added 2025/08/25 8:23 a.m. | 8 views

CLSA-2025-1756110212 krb5: Fix of 2 CVEs

CVE-2025-3576: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - CVE-2025-24528: prevent overflow when calculating ulog block size...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00606
Exploits: 0 | References: 1

OSV
added 2025/03/23 9:49 a.m. | 4 views

CLSA-2025-1742723370 krb5: Fix of CVE-2025-24528

CVE-2025-24528: prevent overflow when calculating ulog block size...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00606
Exploits: 0 | References: 1

OSV
added 2025/03/22 4:49 p.m. | 7 views

CLSA-2025-1742662173 krb5: Fix of CVE-2025-24528

CVE-2025-24528: prevent overflow when calculating ulog block size...

CVSS: 7.1 | AI score: 7 | EPSS: 0.00606
Exploits: 0 | References: 1

OSV
added 2025/03/19 10:42 a.m. | 5 views

SUSE-SU-2025:20153-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash (bsc#1236619)...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00606
Exploits: 0 | References: 3

OSV
added 2024/11/21 1:16 p.m. | 6 views

CLSA-2024-1732195001 krb5: Fix of CVE-2024-26462

CVE-2024-26462: Fix memory leak vulnerability in src/kdc/ndr.c...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00437
Exploits: 1 | References: 1

OSV
added 2024/09/20 2:05 p.m. | 10 views

CLSA-2024-1726840907 krb5: Fix of 2 CVEs

CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application - CVE-2024-37371: fix invalid memory reads during GSS message token handling...

CVSS: 9.1 | AI score: 7.1 | EPSS: 0.01863
Exploits: 0 | References: 1

OSV
added 2024/06/13 2:47 p.m. | 6 views

CLSA-2024-1718290045 krb5: Fix of 2 CVEs

CVE-2024-26461: fix possible memory leak in /krb5/src/lib/gssapi/krb5/k5sealv3.c - CVE-2024-26458: fix possible memory leak in /krb5/src/lib/rpc/pmap_rmt.c...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01128
Exploits: 2 | References: 1

OSV
added 2024/02/29 1:44 a.m. | 2 views

UBUNTU-CVE-2024-26461

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01128
Exploits: 1 | References: 5

SUSE CVE
added 2023/02/15 6:13 a.m. | 3 views

SUSE CVE-2007-0956

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882...

CVSS: 10 | AI score: 7.3 | EPSS: 0.29842
Exploits: 1 | References: 5

OSV
added 2022/12/25 5:15 a.m. | 3 views

UBUNTU-CVE-2022-44640

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC)...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.01844
Exploits: 0 | References: 4