[ELSA-2021-3576] krb5 security update
Severity
Moderate
Affected Packages
7
CVEs
2
[1.18.2-8.3]
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
- Resolves: #1997600
[1.18.2-8.2]
- Rebuild for rpminspect; no code changes
- Resolves: #1983728
[1.18.2-8.1]
- Fix KDC null deref on bad encrypted challenge (CVE-2021-36222)
- Resolves: #1983728
| Package | Affected Version |
|---|---|
 pkg:rpm/oraclelinux/libkadm5?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-workstation?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-server?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-server-ldap?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-pkinit?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-libs?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
|
pkg:rpm/oraclelinux/krb5-devel?distro=oraclelinux-8.4
|
< 1.18.2-8.3.el8_4 |
- ID
- ELSA-2021-3576
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2021-3576.html
- Published
-
2021-09-23T00:00:00
(3 years ago) - Modified
-
2021-09-23T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
-
ALAS2-2022-1738
-
ALPINE:CVE-2021-36222
-
ALPINE:CVE-2021-37750
-
ALSA-2021:3576
-
DSA-4944-1
-
ELSA-2021-4788
-
FEDORA-2021-20b495cb94
-
FEDORA-2021-2bae525fd3
-
FEDORA-2021-8b25e4642f
-
FEDORA-2021-f2c8514f02
-
FREEBSD:C9387E4D-2F5F-11EC-8BE6-D4C9EF517024
-
GLSA-202405-11
-
MS:CVE-2021-36222
-
MS:CVE-2021-37750
-
openSUSE-SU-2021:1182-1
-
openSUSE-SU-2021:1411-1
-
openSUSE-SU-2021:2800-1
-
openSUSE-SU-2021:3454-1
-
openSUSE-SU-2022:0283-1
-
RHSA-2021:3576
-
RHSA-2021:4788
-
RLSA-2021:3576
-
SUSE-SU-2021:2800-1
-
SUSE-SU-2021:3454-1
-
SUSE-SU-2021:3454-2
-
SUSE-SU-2022:0283-1
-
SUSE-SU-2022:0751-1
-
SUSE-SU-2022:1396-1
-
SUSE-SU-2022:2134-1
-
SUSE-SU-2022:3676-1
-
SUSE-SU-2022:4154-1
-
SUSE-SU-2022:4428-1
-
SUSE-SU-2022:4437-1
-
SUSE-SU-2022:4439-1
-
SUSE-SU-2024:0191-1
-
SUSE-SU-2024:0196-1
-
SUSE-SU-2024:1702-1
-
USN-5959-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2021-3576 |
|
|
| CVE | CVE-2021-36222 |
|
|
| CVE | CVE-2021-37750 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/libkadm5?distro=oraclelinux-8.4 | oraclelinux |
libkadm5
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-workstation?distro=oraclelinux-8.4 | oraclelinux |
krb5-workstation
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-server?distro=oraclelinux-8.4 | oraclelinux |
krb5-server
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-server-ldap?distro=oraclelinux-8.4 | oraclelinux |
krb5-server-ldap
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-pkinit?distro=oraclelinux-8.4 | oraclelinux |
krb5-pkinit
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-libs?distro=oraclelinux-8.4 | oraclelinux |
krb5-libs
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 | ||
| Affected | pkg:rpm/oraclelinux/krb5-devel?distro=oraclelinux-8.4 | oraclelinux |
krb5-devel
|
< 1.18.2-8.3.el8_4 | oraclelinux-8.4 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |