CVE-2025-24528 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authe…
High CVSS: 7.1

CVE-2025-24528

In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
Vendor
-
Product
-
CWE
CWE-190
Yayın Tarihi
2026-01-16 18:16:06
Güncelleme
2026-01-26 15:05:57
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-190 HIGH 2026

Referanslar

https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html