Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in krb5
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in krb5
ID: SUSE-SU-2025:0304-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Micro 5.5, SUSE openSUSE Leap 15.5
Datum: Do, 30. Januar 2025, 23:11
Referenzen: https://www.cve.org/CVERecord?id=CVE-2025-24528
Applikationen: MIT Kerberos

Originalnachricht

 
--===============3558981345488693127==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit



# Security update for krb5

Announcement ID: SUSE-SU-2025:0304-1  
Release Date: 2025-01-30T14:52:22Z  
Rating: moderate  
References:

  * bsc#1236619

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-304=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-304=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-spake-1.20.1-150500.3.12.1
    * krb5-mini-devel-1.20.1-150500.3.12.1
    * krb5-client-debuginfo-1.20.1-150500.3.12.1
    * krb5-debugsource-1.20.1-150500.3.12.1
    * krb5-devel-1.20.1-150500.3.12.1
    * krb5-plugin-kdb-ldap-1.20.1-150500.3.12.1
    * krb5-server-1.20.1-150500.3.12.1
    * krb5-mini-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-otp-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.12.1
    * krb5-1.20.1-150500.3.12.1
    * krb5-mini-1.20.1-150500.3.12.1
    * krb5-mini-debugsource-1.20.1-150500.3.12.1
    * krb5-client-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-pkinit-1.20.1-150500.3.12.1
    * krb5-server-debuginfo-1.20.1-150500.3.12.1
  * openSUSE Leap 15.5 (x86_64)
    * krb5-32bit-1.20.1-150500.3.12.1
    * krb5-32bit-debuginfo-1.20.1-150500.3.12.1
    * krb5-devel-32bit-1.20.1-150500.3.12.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * krb5-devel-64bit-1.20.1-150500.3.12.1
    * krb5-64bit-1.20.1-150500.3.12.1
    * krb5-64bit-debuginfo-1.20.1-150500.3.12.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150500.3.12.1
    * krb5-debuginfo-1.20.1-150500.3.12.1
    * krb5-1.20.1-150500.3.12.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619


--===============3558981345488693127==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit




<div class="container">
    <h1>Security update for krb5</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2025:0304-1</td>
        </tr>
        <tr>
            <th>Release Date:</th>
            <td>2025-01-30T14:52:22Z</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1236619">bsc#1236619</a>
                        </li>
                    
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2025-24528.html">CVE-2025-24528</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span
 class="cvss-reference">CVE-2025-24528</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span
 class="cvss-score">6.0</span>
                                <span
 class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span
 class="cvss-reference">CVE-2025-24528</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span
 class="cvss-score">6.5</span>
                                <span
 class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">openSUSE Leap
 15.5</li>
                    
                        <li class="list-group-item">SUSE Linux
 Enterprise Micro 5.5</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves one vulnerability can now be
 installed.</p>

    


    
        <h2>Description:</h2>
    
    <p>This update for krb5 fixes the following issues:</p>
<ul>
<li>CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
 calculating ulog block size can lead to process crash (bsc#1236619).</li>
</ul>



    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE  update use the SUSE recommended
        installation methods like YaST online_update or "zypper
 patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                openSUSE Leap 15.5
                
                    
                        <br/>
                        <code>zypper in -t patch
 SUSE-2025-304=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                SUSE Linux Enterprise Micro 5.5
                
                    
                        <br/>
                        <code>zypper in -t patch
 SUSE-SLE-Micro-5.5-2025-304=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
                    <ul>
                        
                           
 <li>krb5-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-spake-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-mini-devel-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-client-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-debugsource-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-devel-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-kdb-ldap-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-server-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-mini-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-otp-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.12.1</li>
                        
                            <li>krb5-1.20.1-150500.3.12.1</li>
                        
                            <li>krb5-mini-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-mini-debugsource-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-client-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-plugin-preauth-pkinit-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-server-debuginfo-1.20.1-150500.3.12.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    openSUSE Leap 15.5 (x86_64)
                    <ul>
                        
                           
 <li>krb5-32bit-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-32bit-debuginfo-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-devel-32bit-1.20.1-150500.3.12.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    openSUSE Leap 15.5 (aarch64_ilp32)
                    <ul>
                        
                           
 <li>krb5-devel-64bit-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-64bit-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-64bit-debuginfo-1.20.1-150500.3.12.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x
 x86_64)
                    <ul>
                        
                           
 <li>krb5-debugsource-1.20.1-150500.3.12.1</li>
                        
                           
 <li>krb5-debuginfo-1.20.1-150500.3.12.1</li>
                        
                            <li>krb5-1.20.1-150500.3.12.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2025-24528.html">https://www.suse.com/security/cve/CVE-2025-24528.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1236619">https://bugzilla.suse.com/show_bug.cgi?id=1236619</a>
                    </li>
                
            
        </ul>
    
</div>

--===============3558981345488693127==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung