2 matches found
CLSA-2026-1772571803 munge: Fix of CVE-2026-25506
CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...
AZL-77451 CVE-2026-25506 affecting package munge for versions less than 0.5.18-1
MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged the MUNGE authentication daemon to leak cryptographic key material from process memory. With the leaked key material, the...