EUVD-2026-36219

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2026-1680)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1680 advisory. In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An...

[SECURITY] Fedora 42 Update: krb5-1.21.3-7.fc42

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...

CVE-2026-40355

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service DoS...

MiracleLinux 3 : krb5-1.6.1-63.AXS3 (AXSA:2012-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-05:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext...

MiracleLinux 4 : krb5-1.8.2-3.AXS4.6 (AXSA:2011-125:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-125:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

MiracleLinux 3 : krb5-1.6.1-36.AXS3.6 (AXSA:2010-503:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-503:05 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)

Summary DS8900F and DS8A00 updates have been released to remediate vulnerabilities in libexpat, libxml2, libsoup and krb5 libraries. Review the Vulnerability Details section below for additional information. Vulnerability Details CVEID:CVE-2024-8176 DESCRIPTION: A stack overflow vulnerability...

RHSA-2025:15003 Red Hat Security Advisory: krb5 security update

Bulletin has no description...

PT-2025-33761

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference error in the generate encryptionkey function within the ksmbd module could occur if a client sends two session setups with Kerberos v5 authentication to ksmb...

Astra Linux – Vulnerability in krb5

In MIT Kerberos 5 also known as krb5, before version 1.21.3, an attacker could modify the plaintext Extra Count field of a confidential GSS krb5 wrap token. This modification caused the unwrapped token to appear truncated, affecting the application...

The vulnerability of the Heimdal protocol’s Kerberos 5 implementation, related to the handling of the zero pointer, allows a perpetrator to cause a service failure.

The vulnerability of the Heimdal protocol’s Kerberos 5 implementation is related to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

A flaw was found in Fedora versions of krb5 from 1.16.1 to including 1.17.x in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

...

kernel: net/rxrpc: overflow in decoding of krb5 principal

Keberos 5 tickets being decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation...

The vulnerability in the implementation of the Keberos v5 protocol in the Linux operating system allows a perpetrator to increase their privileges or cause service failures.

The vulnerability in the implementation of the Keberos v5 protocol in the Linux operating system is related to the operation of writing data beyond the buffer in memory when processing RXRPC keys. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service...

ALPINE-CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

UBUNTU-CVE-2015-2696

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 aka krb5 before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service incorrect pointer read and process crash via a crafted IAKERB packet that is mishandled during a gssinquirecontext call...

DEBIAN-CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center KDC in MIT Kerberos 5 krb5 1.4.1 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a certain valid TCP or UDP request...

DEBIAN-CVE-2004-0772

Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 krb5 1.2.8 and earlier may allow remote attackers to execute arbitrary code...

DEBIAN-CVE-2004-0523

Multiple buffer overflows in krb5anametolocalname for MIT Kerberos 5 krb5 1.3.3 and earlier allow remote attackers to execute arbitrary code as root...