USN-7542-1
- Source
- https://ubuntu.com/security/notices/USN-7542-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7542-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-7542-1
- Upstream
- Related
- Published
- 2025-05-28T14:41:26.161328Z
- Modified
- 2025-10-13T04:41:31Z
- Summary
- krb5 vulnerability
- Details
-
It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information.
This update introduces the allowrc4 and allowdes3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users are advised to discontinue their usage and upgrade to stronger encryption protocols. If the use of the insecure RC4 and 3DES algorithms is necessary, they can be enabled with the aforementioned configuration options.
- References
Affected packages
Ubuntu:20.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.17-6ubuntu4.11?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.17-6ubuntu4.11
Affected versions
1.*
1.17-6
1.17-6ubuntu3
1.17-6ubuntu4
1.17-6ubuntu4.1
1.17-6ubuntu4.2
1.17-6ubuntu4.3
1.17-6ubuntu4.4
1.17-6ubuntu4.6
1.17-6ubuntu4.7
1.17-6ubuntu4.8
1.17-6ubuntu4.9
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-k5tls",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-kpropd",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "krb5-user",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libgssrpc4",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkadm5clnt-mit11",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkadm5srv-mit11",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkdb5-9",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkrad0",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.17-6ubuntu4.11"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.17-6ubuntu4.11"
}
]
}Ubuntu:22.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.19.2-2ubuntu0.7?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.19.2-2ubuntu0.7
Affected versions
1.*
1.18.3-6
1.18.3-7
1.19.2-0ubuntu1
1.19.2-1
1.19.2-2
1.19.2-2ubuntu0.1
1.19.2-2ubuntu0.2
1.19.2-2ubuntu0.3
1.19.2-2ubuntu0.4
1.19.2-2ubuntu0.5
1.19.2-2ubuntu0.6
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-k5tls",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-kpropd",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "krb5-user",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libgssrpc4",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkadm5clnt-mit12",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkadm5srv-mit12",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkdb5-10",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkrad0",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.19.2-2ubuntu0.7"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.19.2-2ubuntu0.7"
}
]
}Ubuntu:24.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.20.1-6ubuntu2.6?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.20.1-6ubuntu2.6
Affected versions
1.*
1.20.1-3ubuntu1
1.20.1-5build1
1.20.1-6ubuntu1
1.20.1-6ubuntu2
1.20.1-6ubuntu2.1
1.20.1-6ubuntu2.2
1.20.1-6ubuntu2.3
1.20.1-6ubuntu2.4
1.20.1-6ubuntu2.5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-k5tls",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-kpropd",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "krb5-user",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libgssrpc4t64",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkadm5clnt-mit12",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkadm5srv-mit12",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkdb5-10t64",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkrad0",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.20.1-6ubuntu2.6"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.20.1-6ubuntu2.6"
}
]
}Ubuntu:Pro:14.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.12+dfsg-2ubuntu5.4+esm7?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12+dfsg-2ubuntu5.4+esm7
Affected versions
1.*
1.10.1+dfsg-6.1ubuntu1
1.11.3+dfsg-3ubuntu2
1.12+dfsg-2ubuntu1
1.12+dfsg-2ubuntu2
1.12+dfsg-2ubuntu3
1.12+dfsg-2ubuntu4
1.12+dfsg-2ubuntu4.2
1.12+dfsg-2ubuntu5
1.12+dfsg-2ubuntu5.1
1.12+dfsg-2ubuntu5.2
1.12+dfsg-2ubuntu5.3
1.12+dfsg-2ubuntu5.4
1.12+dfsg-2ubuntu5.4+esm1
1.12+dfsg-2ubuntu5.4+esm2
1.12+dfsg-2ubuntu5.4+esm3
1.12+dfsg-2ubuntu5.4+esm4
1.12+dfsg-2ubuntu5.4+esm5
1.12+dfsg-2ubuntu5.4+esm6
Ecosystem specific
{
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "krb5-user",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libgssrpc4",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkadm5clnt-mit9",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkadm5srv-mit8",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkadm5srv-mit9",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkdb5-7",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkrad0",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.12+dfsg-2ubuntu5.4+esm7"
}
]
}Ubuntu:Pro:16.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.13.2+dfsg-5ubuntu2.2+esm7?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.13.2+dfsg-5ubuntu2.2+esm7
Affected versions
1.*
1.13.2+dfsg-2
1.13.2+dfsg-3
1.13.2+dfsg-4
1.13.2+dfsg-5
1.13.2+dfsg-5ubuntu1
1.13.2+dfsg-5ubuntu2
1.13.2+dfsg-5ubuntu2.1
1.13.2+dfsg-5ubuntu2.1+esm1
1.13.2+dfsg-5ubuntu2.2
1.13.2+dfsg-5ubuntu2.2+esm3
1.13.2+dfsg-5ubuntu2.2+esm4
1.13.2+dfsg-5ubuntu2.2+esm5
1.13.2+dfsg-5ubuntu2.2+esm6
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-k5tls",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "krb5-user",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libgssrpc4",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkadm5clnt-mit9",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkadm5srv-mit9",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkdb5-8",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkrad0",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.13.2+dfsg-5ubuntu2.2+esm7"
}
]
}Ubuntu:Pro:18.04:LTS
krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.16-2ubuntu0.4+esm5?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16-2ubuntu0.4+esm5
Affected versions
1.*
1.15.1-2
1.16-2
1.16-2build1
1.16-2ubuntu0.1
1.16-2ubuntu0.1+esm1
1.16-2ubuntu0.2
1.16-2ubuntu0.3
1.16-2ubuntu0.4
1.16-2ubuntu0.4+esm1
1.16-2ubuntu0.4+esm2
1.16-2ubuntu0.4+esm3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "krb5-admin-server",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-gss-samples",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-k5tls",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-kdc",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-kdc-ldap",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-kpropd",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-locales",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-multidev",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-otp",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-pkinit",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "krb5-user",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libgssapi-krb5-2",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libgssrpc4",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libk5crypto3",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkadm5clnt-mit11",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkadm5srv-mit11",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkdb5-9",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkrad-dev",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkrad0",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkrb5-3",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkrb5-dev",
"binary_version": "1.16-2ubuntu0.4+esm5"
},
{
"binary_name": "libkrb5support0",
"binary_version": "1.16-2ubuntu0.4+esm5"
}
]
}