MiracleLinux 9 : krb5-1.21.1-3.el9 (AXSA:2024-9086:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9086:08 advisory. krb5: Memory leak at /krb5/src/lib/rpc/pmaprmt.c CVE-2024-26458 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c CVE-2024-26461 krb5: Memor...

krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

A memory leak flaw was found in krb5 in /krb5/src/lib/rpc/pmaprmt.c. This issue can lead to a denial of service through memory exhaustion...

SUSE CVE-2024-26458

Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c...

AZL-35455 CVE-2024-26458 affecting package krb5 for versions less than 1.19.4-3

Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to a memory leak flaw in the pmaprmt.c file. An attacker can lead to a denial of service through memory exhaustion by exploiting this flaw. Remediation There is no fixed version for...

PT-2024-2632

Name of the Vulnerable Software and Affected Versions Kerberos 5 aka krb5 version 1.21.2 Description The issue is related to a memory leak in the implementation of the Kerberos network protocol, specifically in the /krb5/src/lib/rpc/pmap rmt.c component. This can be exploited by a remote attacker...