[CLSA-2026:1779461988] krb5: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-05-22 14:59:52 UTC
Description:
- CVE-2024-3596: generate and verify Message-Authenticator MACs in libkrad to mitigate the BlastRADIUS attack on the RADIUS protocol; includes follow-up fix for uninitialized pointer dereference in krad_packet_decode_request - CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application - CVE-2024-37371: fix invalid memory reads during GSS message token handling
Updated packages:
  • krb5-devel-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:2a87a380cd07f3ee93558b6f2b62f1a71b6f78a96f73983850cec6e2a9ad3607
  • krb5-devel-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:98077d06fae199a7cc77a338030be1bbb9692a3a43fbb4880a441c4a944ca91a
  • krb5-libs-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:2d978f0981d10899bc6e23fb7d66422fb0f2b4829bdafc31b183d7d1a1012a02
  • krb5-libs-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:4a3525077fcad2be8e2706ec4442df58a79920d0f6c5ad0c80ce0eaa115eb1cf
  • krb5-pkinit-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:688346551a19746c0964d65b1b403948aa7c1c4c8e4a5cc0c80409c0250fec7a
  • krb5-pkinit-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:5c3fce3bfd010dca261390e0fcce0ba95647ed71d4143cae106d1624a24a0ff7
  • krb5-server-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:678bcf0aa7428f6eaddfd3f92d8b07ea7563b27b3c474714cb6688346728106d
  • krb5-server-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:6b761db22e76e94495a762b0a523420498a1a1837f12217a1589a2b7c67f4231
  • krb5-server-ldap-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:a2ea6fbd67c5928db32873e37c5428960dec7c6a835eecf8f5870d1ac598450a
  • krb5-server-ldap-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:d63f382e60b2376ec4fc62ba25f9b2bb45c29a36fbb1eab66b502f054d8ae115
  • krb5-workstation-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:e05219683ffb8528e35aba11c4839c752986e1561d993e1fd57749ecedb93c5d
  • libkadm5-1.18.2-27.el8.tuxcare.els1.i686.rpm
    sha:8d58c927e1b8db7d08042004786e662529e8c5e2a922fb81db114e989b2c0893
  • libkadm5-1.18.2-27.el8.tuxcare.els1.x86_64.rpm
    sha:58db6a5cc2440711d7ce3c0be4e03257824f890e04d094187eb285e925309987
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.