CVE-2025-24528
First published: Wed Jan 29 2025(Updated: )
In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MIT Kerberos 5 | >1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-24528?
CVE-2025-24528 has a high severity rating due to the potential for process crashes caused by authenticated attackers.
How do I fix CVE-2025-24528?
To fix CVE-2025-24528, upgrade to the latest version of MIT krb5 where the vulnerability has been addressed.
What versions of MIT krb5 are affected by CVE-2025-24528?
CVE-2025-24528 affects MIT krb5 versions 1.7 and later when incremental propagation is enabled.
What is the potential impact of CVE-2025-24528?
The potential impact of CVE-2025-24528 includes application instability and crashes in the kadmind process.
Who can exploit CVE-2025-24528?
CVE-2025-24528 can be exploited by authenticated attackers with access to the system.
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-24528
- agent/severity
- agent/last-modified-date
- agent/references
- agent/source
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/mit
- canonical/mit kerberos 5