
43 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in krb5

In MIT Kerberos 5 also known as krb5, before version 1.21.3, an attacker could modify the plaintext Extra Count field of a confidential GSS krb5 wrap token. This modification caused the unwrapped token to appear truncated, affecting the application...

CVSS 7.5 | AI score 7 | EPSS 0.00545
Exploits 0 | References 2
Tenable Nessus
added 2026/05/20 12:0 a.m. | 5 views

Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2026-1680)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1680 advisory. In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An...

CVSS 5.9 | AI score 5.9 | EPSS 0.00108
Exploits 0 | References 6
Fedora
added 2026/05/14 4:3 a.m. | 4 views

[SECURITY] Fedora 42 Update: krb5-1.21.3-7.fc42

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...

CVSS 5.9 | AI score 5.8 | EPSS 0.00108
Exploits 0
Fedora
added 2026/05/06 4:48 p.m. | 4 views

[SECURITY] Fedora 43 Update: krb5-1.22.2-4.fc43

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...

CVSS 5.9 | AI score 5.8 | EPSS 0.00108
Exploits 0
RedhatCVE
added 2026/04/28 8:54 a.m. | 2 views

CVE-2026-40355

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gss_accept_sec_context on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service (DoS)...

CVSS 5.9 | AI score 5.7 | EPSS 0.00108
Exploits 0 | References 6
OSV
added 2026/04/28 6:16 a.m. | 3 views

UBUNTU-CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message...

CVSS 5.9 | AI score 5.8 | EPSS 0.00108
Exploits 0 | References 2
EUVD
added 2026/04/28 12:0 a.m. | 4 views

EUVD-2026-25993

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

CVSS 5.9 | AI score 5.6 | EPSS 0.00108
Exploits 0 | References 3
EUVD
added 2026/04/28 12:0 a.m. | 5 views

EUVD-2026-25981

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message...

CVSS 5.9 | AI score 5.5 | EPSS 0.00108
Exploits 0 | References 3
OSV
added 2026/04/13 2:33 p.m. | 1 views

JLSEC-2026-93

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application...

CVSS 7.5 | AI score 5.8 | EPSS 0.00545
Exploits 0 | References 5
Tenable Nessus
added 2026/01/19 12:0 a.m. | 3 views

MiracleLinux 3 : krb5-1.6.1-63.AXS3 (AXSA:2012-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-05:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext...

CVSS 10 | AI score 6.4 | EPSS 0.92585
Exploits 19 | References 2
Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : krb5-1.10.3-37.AXS4 (AXSA:2015-113:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-113:01 advisory. Description: Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecur...

CVSS 9 | AI score 7.2 | EPSS 0.08201
Exploits 0 | References 6
Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

MiracleLinux 4 : krb5-1.8.2-3.AXS4.6 (AXSA:2011-125:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-125:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

CVSS 7.6 | AI score 6.9 | EPSS 0.2264
Exploits 0 | References 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 1 views

MiracleLinux 3 : krb5-1.6.1-36.AXS3.6 (AXSA:2010-503:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-503:05 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

CVSS 3.7 | AI score 5.7 | EPSS 0.04735
Exploits 0 | References 2
Tenable Nessus
added 2026/01/13 12:0 a.m. | 2 views

MiracleLinux 7 : krb5-1.15.1-55.0.2.el7.AXS7 (AXSA:2025-9717:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9717:01 advisory. improve your network's security by eliminating the insecure practice of cleartext passwords. Security fixes: - CVE-2024-3596: implement support for...

CVSS 9 | AI score 8 | EPSS 0.22162
Exploits 2 | References 2
Tenable Nessus
added 2025/11/20 12:0 a.m. | 3 views

TencentOS Server 4: krb5 (TSSA-2024:0617)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0617 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 7.5 | AI score 6.9 | EPSS 0.0025
Exploits 3 | References 4
IBM Security Bulletins
added 2025/09/30 8:36 a.m. | 9 views

Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)

Summary DS8900F and DS8A00 updates have been released to remediate vulnerabilities in libexpat, libxml2, libsoup and krb5 libraries. Review the Vulnerability Details section below for additional information. Vulnerability Details CVEID:CVE-2024-8176 DESCRIPTION: A stack overflow vulnerability...

CVSS 9.8 | AI score 8.1 | EPSS 0.70344
Exploits 0 | Affected Software 4
OSV
added 2025/09/02 10:3 a.m. | 3 views

RHSA-2025:15003 Red Hat Security Advisory: krb5 security update

Bulletin has no description...

CVSS 5.9 | AI score 7 | EPSS 0.00252
Exploits 0 | References 8
Positive Technologies
added 2025/07/21 12:0 a.m. | 1 views

PT-2025-33761

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A null pointer dereference error in the generate_encryptionkey function within the ksmbd module could occur if a client sends two session setups with Kerberos v5 authentication to ksmb...

CVSS 5.5 | AI score 6.1 | EPSS 0.00024
Exploits 0
BDU FSTEC
added 2024/08/12 12:0 a.m. | 1 views

The vulnerability of the Heimdal protocol’s Kerberos 5 implementation, related to the handling of the zero pointer, allows a perpetrator to cause a service failure.

The vulnerability of the Heimdal protocol’s Kerberos 5 implementation is related to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

CVSS 7.8 | AI score 7.1 | EPSS 0.00468
Exploits 0 | References 5 | Affected Software 2
OSV
added 2024/06/28 10:15 p.m. | 2 views

AZL-43002 CVE-2024-37370 affecting package krb5 for versions less than 1.21.3-1

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application...

CVSS 7.5 | AI score 6.8 | EPSS 0.00545
Exploits 0 | References 1