Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:8663: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#ldap#aws#auth#ibm#ssl

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-11-29

Updated:

2022-11-29

RHSA-2022:8663 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: krb5 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for krb5 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM

krb5-1.10.3-66.el6_10.src.rpm

SHA-256: 0118c88565e3836d75dd60b824aa5d7a8764e0353c997c592033c402896f2695

x86_64

krb5-debuginfo-1.10.3-66.el6_10.i686.rpm

SHA-256: d1eb9fe63463ec458dc02df381a2b7737b398a7639766366989f3e01383f61aa

krb5-debuginfo-1.10.3-66.el6_10.x86_64.rpm

SHA-256: a2ec55f1ca536847ee23150ac39beb41f3925091131ced4ff9e023b43f76c0a3

krb5-devel-1.10.3-66.el6_10.i686.rpm

SHA-256: 4fbb901e61bc8a1f5b4498a178189af89c64ece515a35476a33432a5679f01b6

krb5-devel-1.10.3-66.el6_10.x86_64.rpm

SHA-256: 960304bd315d5f93c52d7c714618309e21af6fdf9eac9884d322b7bae877fae2

krb5-libs-1.10.3-66.el6_10.i686.rpm

SHA-256: ab825e937941fad2b3e27bfec3d08cd24ceeaf5586923482bc424bcf78071468

krb5-libs-1.10.3-66.el6_10.x86_64.rpm

SHA-256: af10336c294fddb72d77f0a22047f14bf8a0779620842e154fbdb1fcdc105923

krb5-pkinit-openssl-1.10.3-66.el6_10.x86_64.rpm

SHA-256: 3ef3e6c8795b8f55acfe4098356d5f052c98d91ce243dc5dcafef568c8f2ad86

krb5-server-1.10.3-66.el6_10.x86_64.rpm

SHA-256: 127c16ee41c6de5f30390bc46a3195ce6fa445ef221b70e312348ae3dd623c12

krb5-server-ldap-1.10.3-66.el6_10.i686.rpm

SHA-256: 13b375ef11a59bec96be2d9d9caa5889809a43a42159c0ed8bd6393cd01415a0

krb5-server-ldap-1.10.3-66.el6_10.x86_64.rpm

SHA-256: eb445d2ca7a6f4dd910f394e8623f8a9905a0cbbd69937e59269ceaa39ade953

krb5-workstation-1.10.3-66.el6_10.x86_64.rpm

SHA-256: 95ac3e3098be516a8c01e74a6da9f830a91d4d770938200ffcbd2452b132388e

libkadm5-1.10.3-66.el6_10.i686.rpm

SHA-256: b2e0313aa499a4d3f75e46a3685a4b98e998361e3919829f6a43beb04a4fba84

libkadm5-1.10.3-66.el6_10.x86_64.rpm

SHA-256: df9b3ff0be63a6df9a06dec1e99186042f046dbf51d7f3a087802d6c824b2f0d

i386

krb5-debuginfo-1.10.3-66.el6_10.i686.rpm

SHA-256: d1eb9fe63463ec458dc02df381a2b7737b398a7639766366989f3e01383f61aa

krb5-devel-1.10.3-66.el6_10.i686.rpm

SHA-256: 4fbb901e61bc8a1f5b4498a178189af89c64ece515a35476a33432a5679f01b6

krb5-libs-1.10.3-66.el6_10.i686.rpm

SHA-256: ab825e937941fad2b3e27bfec3d08cd24ceeaf5586923482bc424bcf78071468

krb5-pkinit-openssl-1.10.3-66.el6_10.i686.rpm

SHA-256: 7c6584d7bd587d4309cd02be9a22a82f39c9818a2b7b46e493bed2fbc83745f6

krb5-server-1.10.3-66.el6_10.i686.rpm

SHA-256: 96d25d950a6cda6aa714efae611c6ad2272dcb82860b193a15662ed71b5d4528

krb5-server-ldap-1.10.3-66.el6_10.i686.rpm

SHA-256: 13b375ef11a59bec96be2d9d9caa5889809a43a42159c0ed8bd6393cd01415a0

krb5-workstation-1.10.3-66.el6_10.i686.rpm

SHA-256: 3ebf7892400db78e3ec79e2153e779f0616833af1ed8bd4ab64496f0364c7fad

libkadm5-1.10.3-66.el6_10.i686.rpm

SHA-256: b2e0313aa499a4d3f75e46a3685a4b98e998361e3919829f6a43beb04a4fba84

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM

krb5-1.10.3-66.el6_10.src.rpm

SHA-256: 0118c88565e3836d75dd60b824aa5d7a8764e0353c997c592033c402896f2695

s390x

krb5-debuginfo-1.10.3-66.el6_10.s390.rpm

SHA-256: 5da9ba8bebcd12d431e5be13518307798d119af16f7f585051ae254955bc8f06

krb5-debuginfo-1.10.3-66.el6_10.s390x.rpm

SHA-256: 283987d221920db895c32b4296ae35eec7f1565fc0b0daef372a630877d0b650

krb5-devel-1.10.3-66.el6_10.s390.rpm

SHA-256: c4f0a6eb8689dd914af4451b5fd3c2ee698ae8813f23ac5e15657a0a6f5115f0

krb5-devel-1.10.3-66.el6_10.s390x.rpm

SHA-256: 1d1245c779c2d7d7b1bca0813be5734bb5fd05f8a97ecf0c1a854f7cc9493a45

krb5-libs-1.10.3-66.el6_10.s390.rpm

SHA-256: 5a8a926d50361564abe07c248129aaf5fd6ddbb173be7a4a48b65be4816a8345

krb5-libs-1.10.3-66.el6_10.s390x.rpm

SHA-256: e45790881b003f2bbb786aaf3aaa6190bbc558dfa00455146d646c46f7dcb757

krb5-pkinit-openssl-1.10.3-66.el6_10.s390x.rpm

SHA-256: 2f7ea8c5a1e5f9dda8149c68564d65c557e6562e12081f6f71b62cd4472f70eb

krb5-server-1.10.3-66.el6_10.s390x.rpm

SHA-256: 3066545e92a029fbad799de470d9483475b0b14a979de8e7b089e743accf0b96

krb5-server-ldap-1.10.3-66.el6_10.s390.rpm

SHA-256: 229fdb6619ce9a51e95f0adc8f1bf413858123acf9e3dc4984323b1ac87c0f2d

krb5-server-ldap-1.10.3-66.el6_10.s390x.rpm

SHA-256: 22ed1b8614ef36f89bf69e364f0d12f5bb6acb68eaf7e87999b4f808cc907ad1

krb5-workstation-1.10.3-66.el6_10.s390x.rpm

SHA-256: 34480b691fc63b3fb343c3576a057a6947e44024713782b6e225cb1bf3550de9

libkadm5-1.10.3-66.el6_10.s390.rpm

SHA-256: e730c563568c83437ceeaa85600d119a016b251e25e84ef25b1d8d63179fb0f3

libkadm5-1.10.3-66.el6_10.s390x.rpm

SHA-256: 1d5522ec9c40c0bf054de3d2149ffa69ba50809c66ae4bb5629b29c551e1704c

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Gentoo Linux Security Advisory 202405-11

Gentoo Linux Security Advisory 202405-11 - Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. Versions greater than or equal to 1.21.2 are affected.

Gentoo Linux Security Advisory 202309-06

Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.

Red Hat Security Advisory 2023-3742-02

Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

RHSA-2023:1174: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic. * CVE-2022...

RHSA-2023:0934: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...

Red Hat Security Advisory 2023-0795-01

Red Hat Security Advisory 2023-0795-01 - Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6.

Red Hat Security Advisory 2023-0709-01

Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.

Red Hat Security Advisory 2023-0634-01

Red Hat Security Advisory 2023-0634-01 - Logging Subsystem 5.6.1 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0542-01

Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.

Red Hat Security Advisory 2023-0470-01

Red Hat Security Advisory 2023-0470-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1).

RHSA-2023:0470: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update is now available for Migration Toolkit for Runtimes (v1.0.1). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42920: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing

Ubuntu Security Notice USN-5822-1

Ubuntu Security Notice 5822-1 - It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.

Ubuntu Security Notice USN-5800-1

Ubuntu Security Notice 5800-1 - It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2022-8893-01

Red Hat Security Advisory 2022-8893-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.20.

RHSA-2022:8893: Red Hat Security Advisory: OpenShift Container Platform 4.11.20 security update

Red Hat OpenShift Container Platform release 4.11.20 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: golang: crash in a golang.org/x/crypto/ssh server

RHSA-2022:9029: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.5.3-3]

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8964: Red Hat Security Advisory: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images

Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: keycloak: path traversal via double URL encoding * CVE-2022-3916: keycloak: Session takeover with OIDC offline refreshtokens

RHSA-2022:8889: Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update

Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays

Red Hat Security Advisory 2022-8669-01

Red Hat Security Advisory 2022-8669-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8662-01

Red Hat Security Advisory 2022-8662-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8638-01

Red Hat Security Advisory 2022-8638-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8641-01

Red Hat Security Advisory 2022-8641-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8637-01

Red Hat Security Advisory 2022-8637-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

RHSA-2022:8648: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8641: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8639: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8638: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8637: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

Debian Security Advisory 5287-1

Debian Linux Security Advisory 5287-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.

Debian Security Advisory 5286-1

Debian Linux Security Advisory 5286-1 - Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution (in a KDC, kadmin, or GSS or Kerberos application server process), information exposure (to a cross-realm KDC acting maliciously), or denial of service (KDC or kadmind process crash).