ipa-4.12.2-14.0.1.el9_6.5
エラータID: AXSA:2025-10926:06
リリース日:
2025/10/06 Monday - 13:57
題名:
ipa-4.12.2-14.0.1.el9_6.5
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- FreeIPA には、リモートの攻撃者により、特権昇格、および情報の
漏洩を可能とする脆弱性が存在します。(CVE-2025-7493)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-7493
A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.
A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.
追加情報:
N/A
ダウンロード:
SRPMS
- ipa-4.12.2-14.0.1.el9_6.5.src.rpm
MD5: 37cdf17a1e725b67696e45b3a1d651d6
SHA-256: 7db07b8f9a507dd22c7fe7cb268bca5c0da8049e1f99e820f990fde15d022208
Size: 5.63 MB
Asianux Server 9 for x86_64
- ipa-client-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: dbccf77283502d6ff65c2e56941ac3ac
SHA-256: e8a2f637f3c00eb9c58458b05ac0c4b8b2fea0ca042c32b2535a41208a944cb4
Size: 137.84 kB - ipa-client-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 54ba3c106dd8d6e85899136108498a27
SHA-256: 2623cfe1fd74d8ef9e35a4ab8391635b60541b03cb782d1868d368282fecdcdb
Size: 42.93 kB - ipa-client-encrypted-dns-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: 6630f0017750c8660c6517d6eae2fa4c
SHA-256: 7e66f6e790694ddee51deee2dc5513cc4de84df8554d36f270d6786d54734cdc
Size: 34.21 kB - ipa-client-epn-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: cf54d9fd5a43acebdc7f2d9022776c32
SHA-256: fb313e0e6810cb9d0378f10dd9d79d97219d138ad25184cf21f4925eba8f648a
Size: 41.86 kB - ipa-client-samba-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: d787b6c58798d969cb3f5c7a198a6399
SHA-256: 77aa3fa1119435be5f111741642b7670c3bdc8be7e6d88374e0bc9081b3547e6
Size: 37.18 kB - ipa-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 49d63795678f70b4fe4e12162c9fe1ca
SHA-256: 12448cfe12c3a9cb821d585336021ac89b18df7f9d4d27c4d2a75428c2934679
Size: 692.04 kB - ipa-selinux-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: a6f7fac405dbc751d927d6f1003907aa
SHA-256: a24e4377259403cf57633ce411bcc8eaec11e6115e5faa8e6e85debfa0e95798
Size: 37.15 kB - ipa-selinux-luna-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 9cd242677a8516fb4a60242dee6d962b
SHA-256: 93b6b9648f6d5be53c048ec4ca780b6dfdcde677e4b2aab0881a1f8d2add94b9
Size: 29.21 kB - ipa-selinux-nfast-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 567aebf28b93b99743c0fbd683b761f5
SHA-256: 8e9b8683abaf2b98a855c8d131c60fe30fce67b9788b347995b0836bc5fb5016
Size: 29.24 kB - ipa-server-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: 313bfb4cceff458ff12eaa10d1e86ee5
SHA-256: e7d7e14b2c652ec9d1ec057d678fbb5d3eaa6100d677a953c09b15881286a1f5
Size: 427.60 kB - ipa-server-common-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: cb01a73c9b4e2701e790243bff149b21
SHA-256: f766d5aa872457de4bd9c5af447dbcef63c71a7a9897267ec9dbe427735406c2
Size: 497.15 kB - ipa-server-dns-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 1de7fa205f8af759e28b5d9f3989ac94
SHA-256: e3cb570f96244620fdd8c583b4e735ab978135d33bc4445dca12156bf9cb832c
Size: 55.57 kB - ipa-server-encrypted-dns-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: 40f1c0bdbaca0ca9544a33ec74407cf0
SHA-256: 719f8c85fef0858c7285bc03519aac5812a4fd242d1d23e74a99ae28b9f1685c
Size: 34.32 kB - ipa-server-trust-ad-4.12.2-14.0.1.el9_6.5.x86_64.rpm
MD5: efeaddd849a2fb5507cf947a636e964f
SHA-256: c7d32536c7bb5a4f10f47c91b210ffd1e2429ba7203d6db256cd55d3995aa49f
Size: 151.73 kB - python3-ipaclient-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 75973a003f7eda51d6094780c360c597
SHA-256: 0044b83f6618ad2e2a5c43d556f7f27090c20275f68d3537cc2690dc10f9fe15
Size: 658.10 kB - python3-ipalib-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 562c3724217d966038b5a47d3fc493a9
SHA-256: ef4489f0dadab5b927ef3cdce80de1b2c5e97405bb765825bbe96a011472b848
Size: 691.29 kB - python3-ipaserver-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 19a09883ccc5ef8f37e0c527f9f3b7ef
SHA-256: d3a82417fb18080dd77f4f685512e40533c79d9b81328a96c38fdf240c61d493
Size: 1.55 MB - python3-ipatests-4.12.2-14.0.1.el9_6.5.noarch.rpm
MD5: 3e7bbbae9ac9ae2cb95cf4d44e208f4d
SHA-256: c0a8b5ed40853348b0328f8e1d25871c6971a78b88fdb275d8897b01e05039f0
Size: 1.75 MB
English