[ALSA-2026:3032] Important: munge security update
Type:
security
Severity:
important
Release date:
2026-02-23
Description:
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having common users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients within this security realm can create and validate credentials without the use of root privileges, reserved ports, or platform-specific methods. Security Fix(es): * MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery (CVE-2026-25506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 munge-0.5.13-3.el8_10.aarch64.rpm 2f448d63dce2a5969476f1decccb39b753c345e2bc2acdf114c5ba9ee2027fcd
aarch64 munge-devel-0.5.13-3.el8_10.aarch64.rpm 8c7df92e1fd2dd231808e3b21c2be3dcaa8bc7fa047fa950af0bce6db3ba8376
aarch64 munge-libs-0.5.13-3.el8_10.aarch64.rpm de45f0e1e20a36251812fd27ab21e18dadb8fbbb0839ce83c30b69edc79a48ed
i686 munge-libs-0.5.13-3.el8_10.i686.rpm 6c90d565aa572f262ed3a46f0136c4da5f9d034d25b4c17475f6e9f5f8b30b33
i686 munge-devel-0.5.13-3.el8_10.i686.rpm 7f6fb8fb2468ca59911b5760f5a2a9ed21aaac8a286c2efd50c07648e789c849
ppc64le munge-0.5.13-3.el8_10.ppc64le.rpm 28a44355a9a7f4ac8d27ac82e1633e775f5372dc52295e1a08f01564c5342bea
ppc64le munge-devel-0.5.13-3.el8_10.ppc64le.rpm 5e424fa92ee679818e24560952548dba8a33fd1b5cd716281eca7977988c007b
ppc64le munge-libs-0.5.13-3.el8_10.ppc64le.rpm a74d0336475e29fcc5ca5b4170348e218dfea22176b01499341c8070da7c47d5
s390x munge-devel-0.5.13-3.el8_10.s390x.rpm 3137a0f7e410991d402ac896d94fd010d403108eac7cb2930d77ed72359b53f8
s390x munge-0.5.13-3.el8_10.s390x.rpm 7d8e814ba362aab6518aa091fcf7dce6159ea20249a40219fd38e9521729d891
s390x munge-libs-0.5.13-3.el8_10.s390x.rpm b565a8e3297f9ef62e669c7cebea3163fd753e4f2fffbd2f516c43e9eaf8298e
x86_64 munge-libs-0.5.13-3.el8_10.x86_64.rpm 4fc4580f1a9b5eb64055a5680eef4ab2949df57522c6490a1e5c67c54467ffa6
x86_64 munge-devel-0.5.13-3.el8_10.x86_64.rpm 600eaffe33ea42c9fd34621c99932d39b9ba42e491cfea5e6a7101b2d0ec0f29
x86_64 munge-0.5.13-3.el8_10.x86_64.rpm bcdb387a713bf082e7e05a618a1c800925a61280008175996656beda39680846
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.