OESA-2025-1135
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1135
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1135.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2025-1135
- Upstream
- Published
- 2025-02-14T12:13:14Z
- Modified
- 2025-08-12T05:49:22.660516Z
- Summary
- krb5 security update
- Details
-
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
Security Fix(es):
In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.(CVE-2025-24528)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP4
krb5
Package
- Name
- krb5
- Purl
- pkg:rpm/openEuler/krb5&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.18.2-17.oe2003sp4
Ecosystem specific
{
"src": [
"krb5-1.18.2-17.oe2003sp4.src.rpm"
],
"noarch": [
"krb5-help-1.18.2-17.oe2003sp4.noarch.rpm"
],
"aarch64": [
"krb5-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-client-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-debuginfo-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-debugsource-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-devel-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-libs-1.18.2-17.oe2003sp4.aarch64.rpm",
"krb5-server-1.18.2-17.oe2003sp4.aarch64.rpm"
],
"x86_64": [
"krb5-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-client-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-debuginfo-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-debugsource-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-devel-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-libs-1.18.2-17.oe2003sp4.x86_64.rpm",
"krb5-server-1.18.2-17.oe2003sp4.x86_64.rpm"
]
}openEuler:22.03-LTS-SP3
krb5
Package
- Name
- krb5
- Purl
- pkg:rpm/openEuler/krb5&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.19.2-23.oe2203sp3
Ecosystem specific
{
"src": [
"krb5-1.19.2-23.oe2203sp3.src.rpm"
],
"noarch": [
"krb5-help-1.19.2-23.oe2203sp3.noarch.rpm"
],
"aarch64": [
"krb5-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-client-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-debuginfo-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-debugsource-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-devel-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-libs-1.19.2-23.oe2203sp3.aarch64.rpm",
"krb5-server-1.19.2-23.oe2203sp3.aarch64.rpm"
],
"x86_64": [
"krb5-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-client-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-debuginfo-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-debugsource-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-devel-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-libs-1.19.2-23.oe2203sp3.x86_64.rpm",
"krb5-server-1.19.2-23.oe2203sp3.x86_64.rpm"
]
}openEuler:22.03-LTS-SP4
krb5
Package
- Name
- krb5
- Purl
- pkg:rpm/openEuler/krb5&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.19.2-23.oe2203sp4
Ecosystem specific
{
"src": [
"krb5-1.19.2-23.oe2203sp4.src.rpm"
],
"noarch": [
"krb5-help-1.19.2-23.oe2203sp4.noarch.rpm"
],
"aarch64": [
"krb5-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-client-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-debuginfo-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-debugsource-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-devel-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-libs-1.19.2-23.oe2203sp4.aarch64.rpm",
"krb5-server-1.19.2-23.oe2203sp4.aarch64.rpm"
],
"x86_64": [
"krb5-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-client-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-debuginfo-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-debugsource-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-devel-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-libs-1.19.2-23.oe2203sp4.x86_64.rpm",
"krb5-server-1.19.2-23.oe2203sp4.x86_64.rpm"
]
}openEuler:24.03-LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:rpm/openEuler/krb5&distro=openEuler-24.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.21.2-14.oe2403sp1
Ecosystem specific
{
"src": [
"krb5-1.21.2-14.oe2403.src.rpm",
"krb5-1.21.2-14.oe2403sp1.src.rpm"
],
"noarch": [
"krb5-help-1.21.2-14.oe2403.noarch.rpm",
"krb5-help-1.21.2-14.oe2403sp1.noarch.rpm"
],
"aarch64": [
"krb5-1.21.2-14.oe2403.aarch64.rpm",
"krb5-client-1.21.2-14.oe2403.aarch64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403.aarch64.rpm",
"krb5-debugsource-1.21.2-14.oe2403.aarch64.rpm",
"krb5-devel-1.21.2-14.oe2403.aarch64.rpm",
"krb5-libs-1.21.2-14.oe2403.aarch64.rpm",
"krb5-server-1.21.2-14.oe2403.aarch64.rpm",
"krb5-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-client-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-debugsource-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-devel-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-libs-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-server-1.21.2-14.oe2403sp1.aarch64.rpm"
],
"x86_64": [
"krb5-1.21.2-14.oe2403.x86_64.rpm",
"krb5-client-1.21.2-14.oe2403.x86_64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403.x86_64.rpm",
"krb5-debugsource-1.21.2-14.oe2403.x86_64.rpm",
"krb5-devel-1.21.2-14.oe2403.x86_64.rpm",
"krb5-libs-1.21.2-14.oe2403.x86_64.rpm",
"krb5-server-1.21.2-14.oe2403.x86_64.rpm",
"krb5-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-client-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-debugsource-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-devel-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-libs-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-server-1.21.2-14.oe2403sp1.x86_64.rpm"
]
}openEuler:24.03-LTS-SP1
krb5
Package
- Name
- krb5
- Purl
- pkg:rpm/openEuler/krb5&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.21.2-14.oe2403sp1
Ecosystem specific
{
"src": [
"krb5-1.21.2-14.oe2403sp1.src.rpm"
],
"noarch": [
"krb5-help-1.21.2-14.oe2403sp1.noarch.rpm"
],
"aarch64": [
"krb5-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-client-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-debugsource-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-devel-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-libs-1.21.2-14.oe2403sp1.aarch64.rpm",
"krb5-server-1.21.2-14.oe2403sp1.aarch64.rpm"
],
"x86_64": [
"krb5-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-client-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-debuginfo-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-debugsource-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-devel-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-libs-1.21.2-14.oe2403sp1.x86_64.rpm",
"krb5-server-1.21.2-14.oe2403sp1.x86_64.rpm"
]
}