RHSA-2022:8648: Red Hat Security Advisory: krb5 security update
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Issued: 2022-11-28
Updated: 2022-11-28
RHSA-2022:8648 - Security Advisory
Synopsis
Important: krb5 security update
Type/Severity
Security Advisory: Important
Topic
An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).
Security Fix(es):
- krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
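The advisory names the flaw only as integer overflows in PAC parsing. The pattern behind that class of bug is a length check that multiplies an attacker-controlled 32-bit buffer count by a fixed descriptor size: in 32-bit arithmetic the product wraps, the check passes for a PAC that is far too short, and the parser then walks descriptors that are not there. The C program below is an added illustration written for this page; it is not Red Hat's or MIT krb5's code, and the count value and the sample PAC bytes are constructed. The header layout it assumes is the MS-PAC one: an 8-byte PACTYPE header (cBuffers, Version) followed by 16-byte PAC_INFO_BUFFER descriptors.

```c
/*
 * Added illustration of the integer-overflow pattern behind CVE-2022-42898.
 * Example code written for this page, not MIT krb5's pac.c. Layout follows
 * MS-PAC: PACTYPE header (cBuffers u32, Version u32) then PAC_INFO_BUFFER
 * descriptors (ulType u32, cbBufferSize u32, Offset u64) of 16 bytes each.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PACTYPE_LENGTH          8u   /* cBuffers (4) + Version (4)             */
#define PAC_INFO_BUFFER_LENGTH 16u   /* ulType (4) + cbBufferSize (4) + Offset (8) */

static uint32_t load_32_le(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern: the bytes needed for the descriptor table are computed
 * in 32-bit arithmetic (what size_t is on a 32-bit build). A large cBuffers
 * wraps the product, the length check passes, and a caller that trusts the
 * result would read cnt descriptors past the end of the buffer.
 * Returns 1 if the header is accepted, 0 if rejected. */
int pac_header_accept_unchecked(const unsigned char *buf, uint32_t len)
{
    uint32_t cnt, need;
    if (len < PACTYPE_LENGTH)
        return 0;
    cnt = load_32_le(buf);
    if (cnt < 1)
        return 0;
    need = PACTYPE_LENGTH + cnt * PAC_INFO_BUFFER_LENGTH;   /* may wrap */
    return len >= need;
}

/* Hardened pattern: bound cnt by how many descriptors the remaining bytes
 * can hold. Dividing the length instead of multiplying the count cannot
 * overflow on any word size. */
int pac_header_accept_checked(const unsigned char *buf, size_t len)
{
    uint32_t cnt;
    if (len < PACTYPE_LENGTH)
        return 0;
    cnt = load_32_le(buf);
    if (cnt < 1)
        return 0;
    if (cnt > (len - PACTYPE_LENGTH) / PAC_INFO_BUFFER_LENGTH)
        return 0;
    return 1;
}

/* Construct a PAC: header with the given cBuffers and Version 0, followed by
 * ndesc zeroed descriptors. Returns bytes written, or 0 if cap is too small. */
size_t build_pac(unsigned char *out, size_t cap, uint32_t cbuffers, size_t ndesc)
{
    size_t total = PACTYPE_LENGTH + ndesc * PAC_INFO_BUFFER_LENGTH;
    if (total > cap)
        return 0;
    memset(out, 0, total);
    out[0] = (unsigned char)(cbuffers & 0xff);
    out[1] = (unsigned char)((cbuffers >> 8) & 0xff);
    out[2] = (unsigned char)((cbuffers >> 16) & 0xff);
    out[3] = (unsigned char)((cbuffers >> 24) & 0xff);
    return total;
}

/* Build a 40-byte PAC that really carries two descriptors but advertises
 * `cbuffers` in its header, and return the verdict of the unchecked
 * (hardened == 0) or hardened (hardened != 0) length check. */
int demo(uint32_t cbuffers, int hardened)
{
    unsigned char pac[64];
    size_t n = build_pac(pac, sizeof pac, cbuffers, 2);
    if (n == 0)
        return -1;
    return hardened ? pac_header_accept_checked(pac, n)
                    : pac_header_accept_unchecked(pac, (uint32_t)n);
}

int main(void)
{
    /* Honest header: cBuffers = 2 and two descriptors present. Both accept. */
    printf("cBuffers=2          unchecked=%d hardened=%d\n", demo(2, 0), demo(2, 1));

    /* Constructed malicious header: cBuffers = 0x10000000 but only two
     * descriptors present. 0x10000000 * 16 == 2^32 wraps to 0 in 32-bit
     * arithmetic, so the unchecked variant believes it needs only 8 bytes
     * and accepts; the hardened variant rejects (40 - 8) / 16 == 2 < cnt. */
    printf("cBuffers=0x10000000 unchecked=%d hardened=%d\n",
           demo(0x10000000u, 0), demo(0x10000000u, 1));
    return 0;
}
```

On a 64-bit build the same multiplication is done in a 64-bit size_t and does not wrap for any 32-bit count, so the unchecked variant above deliberately forces 32-bit arithmetic to reproduce the bypass on any host. The hardened variant keeps the fix independent of word size by dividing the bytes actually available by the descriptor size and comparing that to the count.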
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically. Other long-running processes that already have the old libkrb5 mapped (for example sshd, or httpd with GSSAPI authentication enabled) keep using the old library until they are restarted; on RHEL 8, needs-restarting from the yum-utils package lists such processes.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
krb5-1.17-19.el8_2.src.rpm
SHA-256: 8e4db6a3edbbf7dcdf03964dfab14bcdf1826591ceb35eea4a432853d879a632
x86_64
krb5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 6d36c9310fa10d90f09908793cf4e476615ab41926a408446e84a43b104e2ff4
krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 1d6a5b3c14544fa1478b309642eee2cb48f8b7c2bcd1a64fcc4995ca19b4f45a
krb5-debugsource-1.17-19.el8_2.i686.rpm
SHA-256: 02c94d1ad86b4ce186483abc3ef85437068fbdcdc77bffe1a6c1739643a63d1c
krb5-debugsource-1.17-19.el8_2.x86_64.rpm
SHA-256: 2f886a56477e3552f108478ed3d782031a42f2953d0ce7afcb4d64ec31ef8968
krb5-devel-1.17-19.el8_2.i686.rpm
SHA-256: 2f6e0ae41295824a6b85158e89a0ec0e4fbbc5795747726b89c5625211cb069d
krb5-devel-1.17-19.el8_2.x86_64.rpm
SHA-256: 16d8e62387169d6966a3b78b9ab50fb6e92c81f99fcecdbebf4645c8a866a685
krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 950d3817e44a0b9f05eed7524e61fa8621b817b354dfa7c53d7dfa31dc1d38ff
krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 83a9e6927250abe320ae10cbd2ebdd457490b529607dc21159ead5cad77a8878
krb5-libs-1.17-19.el8_2.i686.rpm
SHA-256: 7341dc004e08a70cd4212d186a68a6541d04c74c99e0499037ce625d497d0102
krb5-libs-1.17-19.el8_2.x86_64.rpm
SHA-256: 453f2569dceaf83b98540b56aa13bb89b903988fcd6ca122c5faa85c39cae670
krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: ac35d5e2c7ca21ad7ea465e452dbecd5fd45e14630789a2596e901b9f8271b56
krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 8af874cd0755a55e7960b64841a5ea59dd46c2e4d94fe29353ea6932a6c8d229
krb5-pkinit-1.17-19.el8_2.i686.rpm
SHA-256: d634e7e1cfe8c85e53e5203b44aea3363ed37f585626c3396a432b8f6a75ccd5
krb5-pkinit-1.17-19.el8_2.x86_64.rpm
SHA-256: 4bd9eaa73a27c0cbb70a54849f5c9e7ce401d2364e51b94ab5d45528bd5e13cf
krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: c722479ce65384d68dbffe332f678970962bc76051cdd5ac24b71ee5789ac690
krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: c49a2e90c8ef7d0600c157791f7246e48c5e811ba0ea15980f7631a0e3c3de85
krb5-server-1.17-19.el8_2.i686.rpm
SHA-256: 900b1e83e1f5b8418eaceeb7c42fe40c2dd5afdebc61e504bad5747436d45123
krb5-server-1.17-19.el8_2.x86_64.rpm
SHA-256: d96cc0646864cbf4c39fc48714552a7816d47d5ac5d68bb207d5f3cf5d01d656
krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 2207d525c618e5cdb00bc0bcea095f854fdf94f889d6cb1d44b8632164ce34cd
krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ee0c1c326b97b76692f65f48995f5b8403e36aa920d18d9b18371641e5c3dc1a
krb5-server-ldap-1.17-19.el8_2.i686.rpm
SHA-256: 7b680e570083f125c1be5577714249cd8d3cfc8df1ee7905989bc6703265ea55
krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
SHA-256: 39fae9b40f3be33af4f20645b5d031e576cfc94f2229cc1dd5d7b992e73a6edc
krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 246fdf050c231529dafbb901077be4641859c748f31b7621900c7bac36e58935
krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 775c711fff92c334a9bea2abdccdd810dd67964dcebfb20b4e785df9c0fc4562
krb5-workstation-1.17-19.el8_2.x86_64.rpm
SHA-256: 80ee14234d4da4e9ddfe720e4caef6509577fd8cd7cc21a20a32bc3478bc35fd
krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 1be3a97ad1c5a7d7e285e50afe8332a0e692bacf0a25ba4996575793d7443319
krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ae819a7cf0a1885c8a53dc03b48a8119f551f05afad961a49b24511acb7412a6
libkadm5-1.17-19.el8_2.i686.rpm
SHA-256: b5e2359e421d99b4052b9b6a516b3283070dc0fb93e0027fc434537dcbd59d83
libkadm5-1.17-19.el8_2.x86_64.rpm
SHA-256: 100e96906be35be7be60bbb711053cb83226c54083a49478abc0f4dffee96301
libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: a1e0c35bedfe60263bd39897f7ae53b2ca58c303fd4adfe0714f23ab6fe2ce11
libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 78783f500cff5f141acdf20b42ad147ed30f881ececd4be031097f9c1ec9e808
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
krb5-1.17-19.el8_2.src.rpm
SHA-256: 8e4db6a3edbbf7dcdf03964dfab14bcdf1826591ceb35eea4a432853d879a632
x86_64
krb5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 6d36c9310fa10d90f09908793cf4e476615ab41926a408446e84a43b104e2ff4
krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 1d6a5b3c14544fa1478b309642eee2cb48f8b7c2bcd1a64fcc4995ca19b4f45a
krb5-debugsource-1.17-19.el8_2.i686.rpm
SHA-256: 02c94d1ad86b4ce186483abc3ef85437068fbdcdc77bffe1a6c1739643a63d1c
krb5-debugsource-1.17-19.el8_2.x86_64.rpm
SHA-256: 2f886a56477e3552f108478ed3d782031a42f2953d0ce7afcb4d64ec31ef8968
krb5-devel-1.17-19.el8_2.i686.rpm
SHA-256: 2f6e0ae41295824a6b85158e89a0ec0e4fbbc5795747726b89c5625211cb069d
krb5-devel-1.17-19.el8_2.x86_64.rpm
SHA-256: 16d8e62387169d6966a3b78b9ab50fb6e92c81f99fcecdbebf4645c8a866a685
krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 950d3817e44a0b9f05eed7524e61fa8621b817b354dfa7c53d7dfa31dc1d38ff
krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 83a9e6927250abe320ae10cbd2ebdd457490b529607dc21159ead5cad77a8878
krb5-libs-1.17-19.el8_2.i686.rpm
SHA-256: 7341dc004e08a70cd4212d186a68a6541d04c74c99e0499037ce625d497d0102
krb5-libs-1.17-19.el8_2.x86_64.rpm
SHA-256: 453f2569dceaf83b98540b56aa13bb89b903988fcd6ca122c5faa85c39cae670
krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: ac35d5e2c7ca21ad7ea465e452dbecd5fd45e14630789a2596e901b9f8271b56
krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 8af874cd0755a55e7960b64841a5ea59dd46c2e4d94fe29353ea6932a6c8d229
krb5-pkinit-1.17-19.el8_2.i686.rpm
SHA-256: d634e7e1cfe8c85e53e5203b44aea3363ed37f585626c3396a432b8f6a75ccd5
krb5-pkinit-1.17-19.el8_2.x86_64.rpm
SHA-256: 4bd9eaa73a27c0cbb70a54849f5c9e7ce401d2364e51b94ab5d45528bd5e13cf
krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: c722479ce65384d68dbffe332f678970962bc76051cdd5ac24b71ee5789ac690
krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: c49a2e90c8ef7d0600c157791f7246e48c5e811ba0ea15980f7631a0e3c3de85
krb5-server-1.17-19.el8_2.i686.rpm
SHA-256: 900b1e83e1f5b8418eaceeb7c42fe40c2dd5afdebc61e504bad5747436d45123
krb5-server-1.17-19.el8_2.x86_64.rpm
SHA-256: d96cc0646864cbf4c39fc48714552a7816d47d5ac5d68bb207d5f3cf5d01d656
krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 2207d525c618e5cdb00bc0bcea095f854fdf94f889d6cb1d44b8632164ce34cd
krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ee0c1c326b97b76692f65f48995f5b8403e36aa920d18d9b18371641e5c3dc1a
krb5-server-ldap-1.17-19.el8_2.i686.rpm
SHA-256: 7b680e570083f125c1be5577714249cd8d3cfc8df1ee7905989bc6703265ea55
krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
SHA-256: 39fae9b40f3be33af4f20645b5d031e576cfc94f2229cc1dd5d7b992e73a6edc
krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 246fdf050c231529dafbb901077be4641859c748f31b7621900c7bac36e58935
krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 775c711fff92c334a9bea2abdccdd810dd67964dcebfb20b4e785df9c0fc4562
krb5-workstation-1.17-19.el8_2.x86_64.rpm
SHA-256: 80ee14234d4da4e9ddfe720e4caef6509577fd8cd7cc21a20a32bc3478bc35fd
krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 1be3a97ad1c5a7d7e285e50afe8332a0e692bacf0a25ba4996575793d7443319
krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ae819a7cf0a1885c8a53dc03b48a8119f551f05afad961a49b24511acb7412a6
libkadm5-1.17-19.el8_2.i686.rpm
SHA-256: b5e2359e421d99b4052b9b6a516b3283070dc0fb93e0027fc434537dcbd59d83
libkadm5-1.17-19.el8_2.x86_64.rpm
SHA-256: 100e96906be35be7be60bbb711053cb83226c54083a49478abc0f4dffee96301
libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: a1e0c35bedfe60263bd39897f7ae53b2ca58c303fd4adfe0714f23ab6fe2ce11
libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 78783f500cff5f141acdf20b42ad147ed30f881ececd4be031097f9c1ec9e808
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
krb5-1.17-19.el8_2.src.rpm
SHA-256: 8e4db6a3edbbf7dcdf03964dfab14bcdf1826591ceb35eea4a432853d879a632
ppc64le
krb5-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: a928951c7d55265ab1703c7adaf866f0897de51bb8561181d3bda4d65e574f0a
krb5-debugsource-1.17-19.el8_2.ppc64le.rpm
SHA-256: bbf39b1f80c3a3a5cb1d6ea2f721f00852cac006618e78f5ae2637bc3e344d66
krb5-devel-1.17-19.el8_2.ppc64le.rpm
SHA-256: 6c407ee7053b035b1f3357d74f3e53d6eab6559b785e87c6f045f7889a12b511
krb5-devel-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: 13434d429e0e8cfb3552bde494ec82d2e70521898e0546d17b6b563b7595428f
krb5-libs-1.17-19.el8_2.ppc64le.rpm
SHA-256: c10e674f8b3ddea40d465870cd506d685cc1ee09e86b660e5cfdb0575e24a8e0
krb5-libs-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: 189d68a3f171cbc50dc6d00d2419ff32cc771be441f123a1fde78504fe84e30a
krb5-pkinit-1.17-19.el8_2.ppc64le.rpm
SHA-256: ede8a6690059e7d37fbcee55783df3b773e1f1c3cd8d2157c1ef0fb9aeb86cf8
krb5-pkinit-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: a70df0ac5653054bf87b05c47dcf329a9c15c0f2200ad1844d9cbbc5cba1c866
krb5-server-1.17-19.el8_2.ppc64le.rpm
SHA-256: 6d1b7d9bd748407e451ee1a33360db5e17639090f728e7d7527876e1163723fc
krb5-server-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: 8e391b8f429f4a8d9a508d87ffefdf316c788123fe25e4a2e1023a9789ee8f2a
krb5-server-ldap-1.17-19.el8_2.ppc64le.rpm
SHA-256: 65e8088f0feeca14167cb8d8219db746b951dd13922db1658f12c87000675bfb
krb5-server-ldap-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: fc05882533b24b672c2a945972f3a94f61cf7c89888aa5e04452a7626b69b72b
krb5-workstation-1.17-19.el8_2.ppc64le.rpm
SHA-256: 8ba893c1e316690d7c596babb716e7c9a8055edf39f5c5fc603b9ddada1cad28
krb5-workstation-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: 5b5da89482a41a6fae73e1085200399f22c05a27bd0f7fcb2bd4f1042808fd46
libkadm5-1.17-19.el8_2.ppc64le.rpm
SHA-256: 71c84a4f3c31ef6216abcfb8d0699dcf239c6d917f9bd1127329196c2cbecc15
libkadm5-debuginfo-1.17-19.el8_2.ppc64le.rpm
SHA-256: 1253e9408deddbaa169879572513ddc107941b4e3b7027b36db3e671af30d78e
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
krb5-1.17-19.el8_2.src.rpm
SHA-256: 8e4db6a3edbbf7dcdf03964dfab14bcdf1826591ceb35eea4a432853d879a632
x86_64
krb5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 6d36c9310fa10d90f09908793cf4e476615ab41926a408446e84a43b104e2ff4
krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 1d6a5b3c14544fa1478b309642eee2cb48f8b7c2bcd1a64fcc4995ca19b4f45a
krb5-debugsource-1.17-19.el8_2.i686.rpm
SHA-256: 02c94d1ad86b4ce186483abc3ef85437068fbdcdc77bffe1a6c1739643a63d1c
krb5-debugsource-1.17-19.el8_2.x86_64.rpm
SHA-256: 2f886a56477e3552f108478ed3d782031a42f2953d0ce7afcb4d64ec31ef8968
krb5-devel-1.17-19.el8_2.i686.rpm
SHA-256: 2f6e0ae41295824a6b85158e89a0ec0e4fbbc5795747726b89c5625211cb069d
krb5-devel-1.17-19.el8_2.x86_64.rpm
SHA-256: 16d8e62387169d6966a3b78b9ab50fb6e92c81f99fcecdbebf4645c8a866a685
krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 950d3817e44a0b9f05eed7524e61fa8621b817b354dfa7c53d7dfa31dc1d38ff
krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 83a9e6927250abe320ae10cbd2ebdd457490b529607dc21159ead5cad77a8878
krb5-libs-1.17-19.el8_2.i686.rpm
SHA-256: 7341dc004e08a70cd4212d186a68a6541d04c74c99e0499037ce625d497d0102
krb5-libs-1.17-19.el8_2.x86_64.rpm
SHA-256: 453f2569dceaf83b98540b56aa13bb89b903988fcd6ca122c5faa85c39cae670
krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: ac35d5e2c7ca21ad7ea465e452dbecd5fd45e14630789a2596e901b9f8271b56
krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 8af874cd0755a55e7960b64841a5ea59dd46c2e4d94fe29353ea6932a6c8d229
krb5-pkinit-1.17-19.el8_2.i686.rpm
SHA-256: d634e7e1cfe8c85e53e5203b44aea3363ed37f585626c3396a432b8f6a75ccd5
krb5-pkinit-1.17-19.el8_2.x86_64.rpm
SHA-256: 4bd9eaa73a27c0cbb70a54849f5c9e7ce401d2364e51b94ab5d45528bd5e13cf
krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: c722479ce65384d68dbffe332f678970962bc76051cdd5ac24b71ee5789ac690
krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: c49a2e90c8ef7d0600c157791f7246e48c5e811ba0ea15980f7631a0e3c3de85
krb5-server-1.17-19.el8_2.i686.rpm
SHA-256: 900b1e83e1f5b8418eaceeb7c42fe40c2dd5afdebc61e504bad5747436d45123
krb5-server-1.17-19.el8_2.x86_64.rpm
SHA-256: d96cc0646864cbf4c39fc48714552a7816d47d5ac5d68bb207d5f3cf5d01d656
krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 2207d525c618e5cdb00bc0bcea095f854fdf94f889d6cb1d44b8632164ce34cd
krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ee0c1c326b97b76692f65f48995f5b8403e36aa920d18d9b18371641e5c3dc1a
krb5-server-ldap-1.17-19.el8_2.i686.rpm
SHA-256: 7b680e570083f125c1be5577714249cd8d3cfc8df1ee7905989bc6703265ea55
krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
SHA-256: 39fae9b40f3be33af4f20645b5d031e576cfc94f2229cc1dd5d7b992e73a6edc
krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 246fdf050c231529dafbb901077be4641859c748f31b7621900c7bac36e58935
krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 775c711fff92c334a9bea2abdccdd810dd67964dcebfb20b4e785df9c0fc4562
krb5-workstation-1.17-19.el8_2.x86_64.rpm
SHA-256: 80ee14234d4da4e9ddfe720e4caef6509577fd8cd7cc21a20a32bc3478bc35fd
krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: 1be3a97ad1c5a7d7e285e50afe8332a0e692bacf0a25ba4996575793d7443319
krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: ae819a7cf0a1885c8a53dc03b48a8119f551f05afad961a49b24511acb7412a6
libkadm5-1.17-19.el8_2.i686.rpm
SHA-256: b5e2359e421d99b4052b9b6a516b3283070dc0fb93e0027fc434537dcbd59d83
libkadm5-1.17-19.el8_2.x86_64.rpm
SHA-256: 100e96906be35be7be60bbb711053cb83226c54083a49478abc0f4dffee96301
libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
SHA-256: a1e0c35bedfe60263bd39897f7ae53b2ca58c303fd4adfe0714f23ab6fe2ce11
libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm
SHA-256: 78783f500cff5f141acdf20b42ad147ed30f881ececd4be031097f9c1ec9e808
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Advisory 2022-8663-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
An update for krb5 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Advisory 2022-8639-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8638-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8640-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8648-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8641-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8637-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
An update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. Related CVEs: CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Debian Linux Security Advisory 5287-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.
Debian Linux Security Advisory 5286-1 - Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution (in a KDC, kadmin, or GSS or Kerberos application server process), information exposure (to a cross-realm KDC acting maliciously), or denial of service (KDC or kadmind process crash).