MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
Summary
MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-191. Affected package(s): krb5-main, rhui5/haproxy-rhel9:1779798164, krb5, discovery/discovery-ui-rhel9:1782166952, discovery/discovery-server-rhel9:1782159791, rhui5/rhua-rhel9:1779798222. Resolved in Red Hat advisory RHSA-2026:12220 — update the affected packages (`sudo dnf update`).
- krb5-main-1.22.2-7.hum1
- rhui5/haproxy-rhel9:1779798164
- krb5-0:1.21.1-10.el9_8
- krb5-0:1.18.2-34.el8_10
- discovery/discovery-ui-rhel9:1782166952
- discovery/discovery-server-rhel9:1782159791
- rhui5/rhua-rhel9:1779798222
- krb5-0:1.21.3-10.el10_2
- insights-proxy/insights-proxy-container-rhel9:1780420428
- krb5-0:1.21.1-8.el9_6.2
- krb5-0:1.21.1-2.el9_4.5
- rhui5/cds-rhel9:1779798159
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
- RHSA-2026:12220
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:12220 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.