First published: Mon Feb 26 2024(Updated: )
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Storage Defender - Resiliency Service | <=2.0.0 - 2.0.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-26461 is classified as a medium severity vulnerability due to its potential impact on system performance through memory leaks.
To fix CVE-2024-26461, upgrade to a version of Kerberos 5 that is higher than 1.21.2.
CVE-2024-26461 affects IBM Storage Defender - Resiliency Service versions 2.0.0 to 2.0.9.
The memory leak in CVE-2024-26461 is caused by improper handling of memory in the k5sealv3.c file in Kerberos 5.
CVE-2024-26461 is not a remote vulnerability, but it can affect applications utilizing the vulnerable Kerberos library.