krb5-1.18.2-8.3.el8

エラータID: AXSA:2021-2428:02

Release date: 
Tuesday, September 21, 2021 - 12:40
Subject: 
krb5-1.18.2-8.3.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

* krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS (CVE-2021-36222)
* krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-36222
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. krb5-1.18.2-8.3.el8.src.rpm
    MD5: 385221d050a16b7acb76b933fe336c95
    SHA-256: b280b5dbb17e72150ef3b64c439b24ff87d465b28d164422f8bb6bf1d4239d50
    Size: 9.80 MB

Asianux Server 8 for x86_64
  1. krb5-devel-1.18.2-8.3.el8.x86_64.rpm
    MD5: 95c57fec344310c6eb8a7654b57f6c28
    SHA-256: f9a7779eb7b7f1a4b48b7ce25fd0cdbb29b742ba78b07fb8afdae3e46c06506d
    Size: 558.33 kB
  2. krb5-libs-1.18.2-8.3.el8.x86_64.rpm
    MD5: 9ae91f2db81bc9626118f0647ff12187
    SHA-256: 7a59aea43d765658dcf6f2a579ee9a1c9a3555a37797d4f7522eaec89ead904a
    Size: 837.45 kB
  3. krb5-pkinit-1.18.2-8.3.el8.x86_64.rpm
    MD5: 9a694ebf3d76e252e9414606f66c4f76
    SHA-256: 5e94a27eedf07b18785c8865c556f1d7a3fadd3011d8eb882ca5d0284a5a98f1
    Size: 173.68 kB
  4. krb5-server-1.18.2-8.3.el8.x86_64.rpm
    MD5: 5f34aff99c1c816543f7164954dbe56a
    SHA-256: 2d3711fbd9df6836b1375c3383e476ba9240742fc7a7f09a171fc0d8fb85ac1d
    Size: 1.07 MB
  5. krb5-server-ldap-1.18.2-8.3.el8.x86_64.rpm
    MD5: 369195e685fe0dc797da0439c7155ab7
    SHA-256: 3ba37543fc7a0c681d5b0373b5389247a072a6159b3da7fe45ae76ea334c09ee
    Size: 203.78 kB
  6. krb5-workstation-1.18.2-8.3.el8.x86_64.rpm
    MD5: 50282c7eb42a458336664db995fa8ecc
    SHA-256: 106cee1b24263858e0d4d830152bdad4f006dddca435e937fa0bbcc4939dfe07
    Size: 954.93 kB
  7. libkadm5-1.18.2-8.3.el8.x86_64.rpm
    MD5: 2e7f37b2f96f69134446f73e8ab1640b
    SHA-256: 840e386690b1a896df8c366511e0f895df0b9329eb1bb24b40db77ea5540f6b8
    Size: 185.29 kB
  8. krb5-devel-1.18.2-8.3.el8.i686.rpm
    MD5: 9c8a139d285df90e7a55e247b666d686
    SHA-256: bb10e3e3b24fc9239d10d11cb9d192e1592fe6a00035d0f65025e0b6ffa009f6
    Size: 558.02 kB
  9. krb5-libs-1.18.2-8.3.el8.i686.rpm
    MD5: 09755a7ee79cbf3fddfd700a44118c66
    SHA-256: ef1ebbe876629ca87e4fd23fa28a286f9994a73fa101e93328f193b54aaf521f
    Size: 898.29 kB
  10. krb5-pkinit-1.18.2-8.3.el8.i686.rpm
    MD5: 4c14f3662648fa1e33107d874227ab2a
    SHA-256: aafcbe5fe601a8a10e1c470c42eeb162d093c79823fe249ae945d68f64cbe541
    Size: 179.14 kB
  11. krb5-server-1.18.2-8.3.el8.i686.rpm
    MD5: 4b958c1ff5fe7f70543bd1a681a6b232
    SHA-256: 784f15babe76ded8e1cb67a782974ce752b724f818acc1cd8d26aefc8ce40f14
    Size: 1.09 MB
  12. krb5-server-ldap-1.18.2-8.3.el8.i686.rpm
    MD5: 258384e193c41132d81f014f0603eb28
    SHA-256: 2d34f5c16abd07a1bb2f2488709181818c60a1675f970fb2de80eecef8b05838
    Size: 209.45 kB
  13. libkadm5-1.18.2-8.3.el8.i686.rpm
    MD5: 95660379fbe30c62bff07e2159209e74
    SHA-256: b2419b5674f233ddee3a3d9737598d33ac59d3070fe4bbb052683ee1498d0143
    Size: 189.80 kB