First published: Wed May 22 2024(Updated: )
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).<br>Security Fix(es):<br><li> krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c (CVE-2024-26458)</li> <li> krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (CVE-2024-26461)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/krb5 | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debugsource | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debugsource | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5 | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5 | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debugsource | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-devel-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-libs-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-pkinit-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-server-ldap-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-workstation-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5 | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/libkadm5-debuginfo | <1.18.2-27.el8_10 | 1.18.2-27.el8_10 |
redhat/krb5-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-debugsource | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-devel | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-devel-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-libs | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-libs-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-pkinit | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-pkinit-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-server | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-server-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-server-ldap | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-server-ldap-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-workstation | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/krb5-workstation-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/libkadm5 | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
redhat/libkadm5-debuginfo | <1.18.2-27.el8_10.aa | 1.18.2-27.el8_10.aa |
Red Hat Enterprise Linux 8 | ||
Red Hat Enterprise Linux for ARM 64 | ||
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | ||
Red Hat Enterprise Linux Server for IBM z Systems |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
RHSA-2024:3268 addresses vulnerabilities in the Kerberos network authentication system affecting multiple Red Hat Enterprise Linux packages.
The severity level of RHSA-2024:3268 is high, indicating potential impacts on system security.
To remediate RHSA-2024:3268, update the affected packages to version 1.18.2-27.el8_10 or higher.
Red Hat Enterprise Linux versions including x86_64, ARM 64, Power little endian, and IBM z Systems are affected by RHSA-2024:3268.
Yes, the impacted packages include krb5, krb5-devel, krb5-libs, and krb5-server among others.