Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-10.0
Affects Version/s: rhel-10.0
Component/s: krb5
Labels:
- commit

Fixed in Build:
krb5-1.21.3-7.el10
Regression:
No
Severity:
Moderate
Epic Link:
FREEIPA-11520
sprint_count:
2

AssignedTeam:
rhel-idm-ipa
Sub-System Group:

ssg_idm

Internal Target Milestone:
26
Story Points:
2
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
2025-Q1-Bravo-S2, 2025-Q1-Bravo-S3

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/144233
Test Coverage:

RegressionOnly

Release Note Type:
Release Note Not Required

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

is cloned by

RHEL-76759 Prevent overflow when calculating ulog block size (CVE-2025-24528) [rhel-9]

Closed

links to

RHSA-2024:144233 krb5 bug fix and enhancement update

Assignee:: Julien Rische

Reporter:: Julien Rische

Developer:: Julien Rische

QA Contact:: Michal Polovka

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/01/29 10:53 AM

Updated:: 2025/05/13 10:46 AM

Resolved:: 2025/05/13 10:46 AM

Target end:: 2025/02/17

Next Planned Release Date:: 2025/05/13

Release Date:: 2025/05/13

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide