Several security issues were fixed in Kerberos.
Software Description:
- krb5: MIT Kerberos Network Authentication Protocol
Details:
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. (CVE-2024-26458,
CVE-2024-26461)
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. This issue only
affected Ubuntu 24.04 LTS. (CVE-2024-26462)
It was discovered that the Kerberos kadmind daemon incorrectly handled log
files when incremental propagation was enabled. An authenticated attacker
could use this issue to cause kadmind to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2025-24528)
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 krb5-admin-server 1.21.3-3ubuntu0.2 krb5-kdc 1.21.3-3ubuntu0.2 libgssapi-krb5-2 1.21.3-3ubuntu0.2 libgssrpc4t64 1.21.3-3ubuntu0.2 libkdb5-10t64 1.21.3-3ubuntu0.2 Ubuntu 24.04 LTS krb5-admin-server 1.20.1-6ubuntu2.5 krb5-kdc 1.20.1-6ubuntu2.5 libgssapi-krb5-2 1.20.1-6ubuntu2.5 libgssrpc4t64 1.20.1-6ubuntu2.5 libkdb5-10t64 1.20.1-6ubuntu2.5 Ubuntu 22.04 LTS krb5-admin-server 1.19.2-2ubuntu0.6 krb5-kdc 1.19.2-2ubuntu0.6 libgssapi-krb5-2 1.19.2-2ubuntu0.6 libgssrpc4 1.19.2-2ubuntu0.6 libkdb5-10 1.19.2-2ubuntu0.6 Ubuntu 20.04 LTS krb5-admin-server 1.17-6ubuntu4.9 krb5-kdc 1.17-6ubuntu4.9 libgssapi-krb5-2 1.17-6ubuntu4.9 libgssrpc4 1.17-6ubuntu4.9 libkdb5-9 1.17-6ubuntu4.9 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7314-1
CVE-2024-26458, CVE-2024-26461, CVE-2024-26462, CVE-2025-24528
Get the latest Linux and open source security news straight to your inbox.