krb5-1.18.2-34.el8_10

エラータID: AXSA:2026-613:03

リリース日: 
2026/05/14 Thursday - 21:22
題名: 
krb5-1.18.2-34.el8_10
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- MIT Kerberos 5 には、NULL ポインタデリファレンスの問題が
あるため、リモートの攻撃者により、サービス拒否攻撃 (DoS) を
可能とする脆弱性が存在します。(CVE-2026-40355)

- MIT Kerberos 5 には、整数アンダーフロー、およびメモリ領域の
範囲外読み取りの問題があるため、リモートの攻撃者により、サービス
拒否攻撃 (DoS) を可能とする脆弱性が存在します。(CVE-2026-40356)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2026-40355
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
CVE-2026-40356
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. krb5-1.18.2-34.el8_10.src.rpm
    MD5: 9e5974f077bf279143cdde08cd114d1a
    SHA-256: b4a8434e7b39b10028a38702c2b27f365ff48fe7da3148d9026f329821aad4ab
    Size: 9.92 MB

Asianux Server 8 for x86_64
  1. krb5-devel-1.18.2-34.el8_10.i686.rpm
    MD5: 496b9ee36e209c89e2bec226d11d29ac
    SHA-256: db337aad6c4e42469e82ae7b6d3a844fe1d47caab844d695c3167932251b3f5d
    Size: 562.12 kB
  2. krb5-devel-1.18.2-34.el8_10.x86_64.rpm
    MD5: 3fc9c6487460492662bda3e90dca7e9d
    SHA-256: 475ac57ad47bce3e6226f91b7d3422e99dc3a449e3a955406030e00c062a2bb4
    Size: 562.43 kB
  3. krb5-libs-1.18.2-34.el8_10.i686.rpm
    MD5: 4c41b41720fc281601396b278f535bf7
    SHA-256: 19db938ba7537ae07dd59e9beaf493c4fe3580570e5296af71b3ea9924d04d3d
    Size: 910.02 kB
  4. krb5-libs-1.18.2-34.el8_10.x86_64.rpm
    MD5: 45ad256060451073551fae9b96553776
    SHA-256: 33f9d7158371dc1c9bc290b2cc9ee22a2a4534ae465c02981cca29190f221674
    Size: 843.57 kB
  5. krb5-pkinit-1.18.2-34.el8_10.i686.rpm
    MD5: 2c9002beb24cecd394d4bf3ed81a44ef
    SHA-256: 6030dd7fac57bbe06b07bf3635acff4bfd1a22839cc3f9590fccc48a64cc0312
    Size: 180.45 kB
  6. krb5-pkinit-1.18.2-34.el8_10.x86_64.rpm
    MD5: 5512f41f64c60a7dde93d1fec25527c8
    SHA-256: 3141c035c9bd69c9dbbb3918a5c037c7646d1c26044ee61785d9418a13208860
    Size: 175.29 kB
  7. krb5-server-1.18.2-34.el8_10.i686.rpm
    MD5: 2eb5bc714d8bc2a1826200a3c8adb712
    SHA-256: b1921e968a92594d4438df2f3ca8fd794e47fdbcc8cb747624194aac0dd6c3d3
    Size: 1.09 MB
  8. krb5-server-1.18.2-34.el8_10.x86_64.rpm
    MD5: 985f560b8b0fe914876182c12831cc93
    SHA-256: 57791861e1eeec59c0c70758842a4d860c0ab8d7f936d443b9c2a21a32d60ef6
    Size: 1.07 MB
  9. krb5-server-ldap-1.18.2-34.el8_10.i686.rpm
    MD5: 694331a9ae7259ad4c6882a25a4608e2
    SHA-256: d922af070963f0035f925081ec7da1cd7a260a23a705968d2cfb8e3ebf416f87
    Size: 212.49 kB
  10. krb5-server-ldap-1.18.2-34.el8_10.x86_64.rpm
    MD5: bf14305b8e21072b33ec8fcb7f4da5bf
    SHA-256: ad04a38281879f087d1e28fb9f4e0f82f932750ff6a56c19b33462c8520f83d9
    Size: 206.81 kB
  11. krb5-workstation-1.18.2-34.el8_10.x86_64.rpm
    MD5: 84ce3f9e4e921c3a049789c26cf0611d
    SHA-256: 4ab36ec6092fab6b6ee0f8fb491849d9ea70f6eab13d3e0068ea576d54450562
    Size: 959.00 kB
  12. libkadm5-1.18.2-34.el8_10.i686.rpm
    MD5: e283ee965d8596b17596d062f0a6b6cb
    SHA-256: 4838a9e7b4d757383300b1c3f930598570375bf28d169220ff18f3661b21ca3f
    Size: 192.70 kB
  13. libkadm5-1.18.2-34.el8_10.x86_64.rpm
    MD5: 21ce39834af8fd64bff5a742a95bc825
    SHA-256: 7407eaca2e3416af0939b26b43c698c933dbd208d453149bbd11c24ef999daa9
    Size: 188.33 kB