AZL-60928

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60928.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-60928

Upstream

CVE-2025-3576

Published

2025-04-15T06:15:44Z

Modified

2026-04-01T05:19:41.411601Z

Summary

CVE-2025-3576 affecting package krb5 for versions less than 1.19.4-4

Details

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-3576

Affected packages

Azure Linux:2 / krb5

Package

Name: krb5
Purl: pkg:rpm/azure-linux/krb5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.4-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60928.json"