[CLSA-2026:1779875639] krb5: Fix of 5 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-27 09:54:03 UTC
Description:
- CVE-2025-24528: prevent overflow when calculating ulog block size - CVE-2025-3576: don't issue session keys with deprecated enctypes (RC4-HMAC-MD5 spoofing) - CVE-2026-40355: fix NULL pointer dereference in NegoEx parse_nego_message - CVE-2026-40356: fix integer underflow in NegoEx parse_message header_len - CVE-2023-36054: ensure array count consistency in kadm5 RPC to prevent freeing uninitialized pointers in _xdr_kadm5_principal_ent_rec
Updated packages:
  • krb5-devel-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:b348079256b0a4560bb6b112e0452b7bddf4d0840cd2b267da3224866f3632bb
  • krb5-devel-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:7ee7d3df95e0abc7c6e126b9f8cfd97ab43b5b3b30593b61cd43585b8b7dea5b
  • krb5-libs-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:530d3ca1ead7ecbba8da6a1d7492bb5efb2db2e99f532e9ee7c7620670228154
  • krb5-libs-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:490dc6682a632b9f3a2b6ce16737225847b063c1dbbee50180af6b374487df42
  • krb5-pkinit-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:12fd2b8593f18afeb7bf72bd578204a7238b6ede01ba9653c915f92bff98fecd
  • krb5-pkinit-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:78a7969df2a59d3beb71932ee77f82a9b3667c34dd131a1c0e891de3a4601ebc
  • krb5-server-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:d905adb52f2ec44b0dba97c65cc1e057d70d668846e3a20a91bb42ee7a51c9ef
  • krb5-server-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:746c36edd1a0e31433526f9ea99c66aec5fc5a4e8a4906bace4cae00316836fc
  • krb5-server-ldap-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:89006f94d6c59fd881a6663c8974dd315c07dc47193288e9e0ce6d21a620f0e7
  • krb5-server-ldap-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:4ac80d2047803f756ea6242f15800d319e614cb3740b9d616b3cdf7aef138d75
  • krb5-workstation-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:a251381ed13bc28417a4d5c887d622c42af2a423ad2d7de85b3ff25478b73d1c
  • libkadm5-1.18.2-27.el8.tuxcare.els2.i686.rpm
    sha:6dc1b50ac007a42e5a5565684d8c96d788839ff09af6331d6f1362a2aa5aafb7
  • libkadm5-1.18.2-27.el8.tuxcare.els2.x86_64.rpm
    sha:b4aa203f62279fd7be50b502c2be8565deedf3981de217e1e976171f77af1a26
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.