krb5-1.19.1-24.el9
エラータID: AXSA:2023-4928:02
リリース日:
2023/02/01 Wednesday - 08:03
題名:
krb5-1.19.1-24.el9
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Kerberos 5 には、整数オーバーフローの問題があるため、リモート
の攻撃者により、サービス拒否攻撃または任意のコード実行を可能と
する脆弱性が存在します。(CVE-2022-42898)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-42898
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
追加情報:
N/A
ダウンロード:
SRPMS
- krb5-1.19.1-24.el9.src.rpm
MD5: d90b9faade37dd340b13ea93e8399530
SHA-256: 3928f1b3c6c148c088e29e456d1fe3b40f463d21045bf7817e71576db4b07030
Size: 8.50 MB
Asianux Server 9 for x86_64
- krb5-devel-1.19.1-24.el9.x86_64.rpm
MD5: 6f94238001ffe896e6f9c7308c3af086
SHA-256: 83eaedec8fab26a5b36527b41236a262174b62e547ef6e4a0f6b8ee9cdfcc875
Size: 134.39 kB - krb5-libs-1.19.1-24.el9.x86_64.rpm
MD5: bbc7280267f914525933236d00d8a163
SHA-256: 69c1f1b52335a1327b5c8aad07e4fda5f266f559ffafa8b2aeffeb882a9204f4
Size: 718.63 kB - krb5-pkinit-1.19.1-24.el9.x86_64.rpm
MD5: c270bb4d0ea386bd41f991a7a7e36f61
SHA-256: 62241a6592937c911eaed7772c8d88039edfdd7b552b588869372f2e3c4be203
Size: 59.90 kB - krb5-server-1.19.1-24.el9.x86_64.rpm
MD5: b1409e0ae9c99aa56c67e382b000efc9
SHA-256: e2183d77b2deda58813b542b6e04a0d594c9a33788a13184fb1e86b4794be32f
Size: 292.66 kB - krb5-server-ldap-1.19.1-24.el9.x86_64.rpm
MD5: 4a2fc9910cf6cf2be89322c697df76b0
SHA-256: b151c2702570b46347452423fb2f900eaf43bcbd977d1b4512ad84c6584e695f
Size: 91.50 kB - krb5-workstation-1.19.1-24.el9.x86_64.rpm
MD5: 44ed0abeda3d6205b8971a5b643f02fc
SHA-256: b66fbbbc9f69324264ba8d2dabda860548e3f2092f549fa1dac7fbe2f9663f4b
Size: 554.08 kB - libkadm5-1.19.1-24.el9.x86_64.rpm
MD5: 6ab978821ae827cac53b605f163cddd7
SHA-256: 2b3f553b64935e1c36dc2b05e8b1bfcd392a0d455d529170a02c19db05fb96e4
Size: 79.76 kB - krb5-devel-1.19.1-24.el9.i686.rpm
MD5: 0ba224e9f7ebb5339ac3e24ce376bee3
SHA-256: f238b16a2658a01f8c96aaebd87eb7b755bf5b35eda66fe72f0502ce914a65fe
Size: 134.34 kB - krb5-libs-1.19.1-24.el9.i686.rpm
MD5: f1947f5a912347326710d8d251ce9720
SHA-256: f1345895289d3fc93fa2f61b40f14bb7b53f2d6765c4363d0b70271346ee48b7
Size: 767.88 kB - krb5-pkinit-1.19.1-24.el9.i686.rpm
MD5: 7a53a70cb04543e2c6e9cc573bdfd560
SHA-256: bcf2ad2099270fed0b2afa840df32b64e1c633df5e658e2d5c38eb308ae50898
Size: 64.87 kB - krb5-server-1.19.1-24.el9.i686.rpm
MD5: 6d9e22f8aa3133b42668bf34b1ce4aba
SHA-256: 5a42ea84f45b40576f479d6514921624184150c26dcded34bb16e663526dd991
Size: 305.91 kB - krb5-server-ldap-1.19.1-24.el9.i686.rpm
MD5: 5205d2d967a85be5f9fb3a0936fe5384
SHA-256: 083f513d34458d58a897976366e5fb38df40ed4ac9575a940e22dadd76d83b1a
Size: 96.02 kB - libkadm5-1.19.1-24.el9.i686.rpm
MD5: 48521a6d956a3f76c90824ab0bbeba42
SHA-256: bb8128c586d527a2dd9b31d91f5f23b3b863423889a06a4e783b9892e31b7f3a
Size: 84.03 kB