RHEL-76759

Prevent overflow when calculating ulog block size (CVE-2025-24528) [rhel-9]

    • Bug
    • Resolution: Unresolved
    • Undefined
    • rhel-9.6
    • None
    • krb5
    • krb5-1.21.1-6.el9
    • No
    • Moderate
    • 1
    • rhel-sst-idm-ipa
    • ssg_idm
    • 2
    • False
    • None
    • 2025-Q1-Bravo-S2
    • None
    • None
    • None

      This is a clone of issue RHEL-76758 to use for version rhel-9.6

      Original description:
      In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

              jrische@redhat.com Julien Rische
              Watson Automation
              Julien Rische
              Michal Polovka