[CLSA-2026:1773145958] Fix CVE(s): CVE-2024-37370, CVE-2024-37371
Type:
security
Severity:
Critical
Release date:
2026-03-10 12:32:43 UTC
Description:
* SECURITY UPDATE: Fix vulnerabilities in GSS message token handling - debian/patches/CVE-2024-37370-CVE-2024-37371.patch: Verify Extra Count field in CFX wrap tokens, validate plaintext length in gss_unwrap, and prevent IOV unwrap header buffer overrun - CVE-2024-37370 - CVE-2024-37371
Updated packages:
  • krb5-admin-server_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:2e6559065a21cbbff6f46fd7da95ecba1a63c08f
  • krb5-doc_1.17-3+deb10u6+tuxcare.els1_all.deb
    sha:698695fed118f914fa9ff9144ef27071bc42b31d
  • krb5-gss-samples_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:d6adba1f9e6485d6a2db0ca848ccc706f3d0a8e1
  • krb5-k5tls_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:6e0e52f461ba4a23631685d30ce22023c1ec4ca0
  • krb5-kdc_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:41233ea900afdf4b98af51bcaa442aee412f4b4c
  • krb5-kdc-ldap_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:540b8b85450fbb198393c595169e3cc6e629de8f
  • krb5-kpropd_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:e1e3b3e0755cee67f9be44dcf066304d9144a97b
  • krb5-locales_1.17-3+deb10u6+tuxcare.els1_all.deb
    sha:6041dbfc369aaa3c8dd67f5faaf11f4414d01290
  • krb5-multidev_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:68cdf064b11df5ab3e5d095bd948eb91f563958f
  • krb5-otp_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:8721b5b02d468baad8cecb7663907c1a46a5cd71
  • krb5-pkinit_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:fdb331721bd010b882619a969aaf3256186ee918
  • krb5-user_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:caceb36b87f2d7c70f3295b5c9cbac4f5a5c8ddd
  • libgssapi-krb5-2_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:35663b5cade74614507f1dc0d7dfba08d7145d4b
  • libgssrpc4_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:d9266cb49260465cded3b3f02a988a4a35920d6c
  • libk5crypto3_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:1a2c0024632f3af0fb19d51cbacae74030bcda3b
  • libkadm5clnt-mit11_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:6f40a6fab8bb4daa351ea5e77de5911c9bce865c
  • libkadm5srv-mit11_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:34c6f62081e403f82b9dcf33b45be8c232341316
  • libkdb5-9_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:07fa1125543b019f96baf6e16e068ccaaa92b088
  • libkrad-dev_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:263dcff0a3c8f21c7d29d6ea3cc0d845cb14672f
  • libkrad0_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:c6c57482423708d2725547a24b3a24371e385108
  • libkrb5-3_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:baa5dbc26f1905ea8eb7841ebaba28eadb6e93cb
  • libkrb5-dev_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:42c6f552fece32cd502a46deed68d7f09bcc9fc8
  • libkrb5support0_1.17-3+deb10u6+tuxcare.els1_amd64.deb
    sha:fa1232660e9193d792702ab3e0ed754136f713bf
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.