Advisories » MGASA-2024-0158

Updated krb5 packages fix security vulnerabilities

Publication date: 30 Apr 2024
Modification date: 30 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-26458 , CVE-2024-26461

Description

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in
/krb5/src/lib/rpc/pmap_rmt.c. (CVE-2024-26458)
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in
/krb5/src/lib/gssapi/krb5/k5sealv3.c. (CVE-2024-26461)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33073
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461

SRPMS

9/core

• krb5-1.20.1-1.1.mga9