CVE-2025-24528

In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...

MiracleLinux 8 : krb5-1.18.2-31.el8_10 (AXSA:2025-9772:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9772:02 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over th...

RLSA-2025:7067 Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

RockyLinux 9 : krb5 (RLSA-2025:7067)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7067 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 Tenable has extracted the preceding description block directly from the RockyLinux security advisor...

Medium: krb5

Issue Overview: krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an...

Amazon Linux 2 : krb5, --advisory ALAS2-2025-2985 (ALAS-2025-2985)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2985 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weakness...

Medium: krb5

Issue Overview: krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an...

CLSA-2025-1756110212 krb5: Fix of 2 CVEs

CVE-2025-3576: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - CVE-2025-24528: prevent overflow when calculating ulog block size...

krb5: overflow when calculating ulog block size

A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service...

SUSE-SU-2025:20303-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619...

CLSA-2025-1742723370 krb5: Fix of CVE-2025-24528

CVE-2025-24528: prevent overflow when calculating ulog block size...

CLSA-2025-1742662173 krb5: Fix of CVE-2025-24528

CVE-2025-24528: prevent overflow when calculating ulog block size...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash bsc1236619. Patch Instructions: To...

SUSE-SU-2025:20153-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash bsc1236619...

krb5: overflow when calculating ulog block size

A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

krb5 security update

1.15.1-55.0.9 - Fixes CVE-2025-24528 , Prevent overflow when calculating ulog block size Orabug: 37587301...

Updated krb5 packages fix security vulnerability

Overflow when calculating ulog block size. CVE-2025-24528...

MGASA-2025-0072 Updated krb5 packages fix security vulnerability

Overflow when calculating ulog block size. CVE-2025-24528...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...