ALSA-2026:19357

[ALSA-2026:19357] Important: krb5 security update

Type:

security

Severity:

important

Release date:

2026-05-26

Description:

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).  

Security Fix(es):  

  * krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read (CVE-2026-40356)
  * krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism (CVE-2026-40355)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	krb5-libs-1.21.1-10.el9_8.aarch64.rpm	2db19409fbc168e55f7d256f90760acfc70f74b8823816aa77b88a8325c1f581
aarch64	krb5-server-ldap-1.21.1-10.el9_8.aarch64.rpm	39ea340dba639dfd5fe264cb406b1ff57eaf887ec0865622ca61993a6f2bc4ee
aarch64	libkadm5-1.21.1-10.el9_8.aarch64.rpm	408e75fa6b893eb7b6243b41f688133d9b3e14d235c2b65fc2323e45591d39e0
aarch64	krb5-devel-1.21.1-10.el9_8.aarch64.rpm	6e2aea81b478101b3a8d340468efbf05a126c89c0dbde07b00127ab1cd32a620
aarch64	krb5-server-1.21.1-10.el9_8.aarch64.rpm	8233497e38daee553793a3a07b6800efd4e67f2cf58cc41a8bda6a52c97448d1
aarch64	krb5-workstation-1.21.1-10.el9_8.aarch64.rpm	bf2efc24216fe4925507b0b568a48e0a3bc9e2e5e7db8cce50d479abe7d3a4ea
aarch64	krb5-xrealmauthz-1.21.1-10.el9_8.aarch64.rpm	db05faf81fe766b40f5b657e3d5b3f3b52b7ba68fd0480a52027a80dfcaaeb3a
aarch64	krb5-pkinit-1.21.1-10.el9_8.aarch64.rpm	e655da2623e0d4da457aeaf1ac0a95b46f5b057d7fc2b3cb4e7ccf9c1ca6fb40
i686	krb5-pkinit-1.21.1-10.el9_8.i686.rpm	2f8d7414dd6a94ef12f14e0c7b835b99efa4dd572088ad981400b7595eb55ab0
i686	libkadm5-1.21.1-10.el9_8.i686.rpm	3515081ab0c56018d5808f848f8ab2d0bd595ea4ea9b6756552ccabe2c086f12
i686	krb5-xrealmauthz-1.21.1-10.el9_8.i686.rpm	580819b565dc02312e9fa2837aa98b21f879d98046ea1e23aae175537e638d62
i686	krb5-server-ldap-1.21.1-10.el9_8.i686.rpm	6ca49201f51d65d055ab85e0904fb9d2032adb0ec45d971a2ba8f11cf8539136
i686	krb5-libs-1.21.1-10.el9_8.i686.rpm	9d9bdd04722f1b320f9abb978a25249dc96a065097df040d2d5c21fc6042164d
i686	krb5-server-1.21.1-10.el9_8.i686.rpm	a265977acc53082d9ad2642c51cbf813938d37b8ad8a36332ec59abede380399
i686	krb5-devel-1.21.1-10.el9_8.i686.rpm	ee05e9628f4bc1189de9cdbafc683584fe4b2e1510a221810e6bbb31e730ec40
ppc64le	krb5-server-ldap-1.21.1-10.el9_8.ppc64le.rpm	090cb392e123226a810c5bd40e4f2b2988e1fa9a06035cae239bb9e165decd92
ppc64le	krb5-workstation-1.21.1-10.el9_8.ppc64le.rpm	3633c53a4e1f59b424013cb688ea38c657a855eea321dedb7842118c2771ef20
ppc64le	krb5-pkinit-1.21.1-10.el9_8.ppc64le.rpm	3e7bbbc12c99f6468818ddda67d929f197c9dc4e56674ea321a392f0c4c4db41
ppc64le	krb5-server-1.21.1-10.el9_8.ppc64le.rpm	47c6a7bb0a1ffb865ed86c7f821a6625823eb7f2337549b4b9ea763502c912ff
ppc64le	libkadm5-1.21.1-10.el9_8.ppc64le.rpm	54eeffb91412a877f3d8f7a11e3b08ec52d41401b87da3ad33f21e2ea0598f74
ppc64le	krb5-libs-1.21.1-10.el9_8.ppc64le.rpm	7eed72ca7a9446d09ae26e0f34acbd63585eb76572f3a13d383e18e8302ccaf7
ppc64le	krb5-xrealmauthz-1.21.1-10.el9_8.ppc64le.rpm	c3e5832cc3492707f66e0e55f91d5a6f56e0782fb2ee3621ab9285761068e777
ppc64le	krb5-devel-1.21.1-10.el9_8.ppc64le.rpm	ed1c4a61cc1406e777aa0119903d2098fd6a49b61eadd90cf8c3f56c202ba0fa
s390x	krb5-pkinit-1.21.1-10.el9_8.s390x.rpm	07fcfb49b9ee10c74c680f0adc8a036b9aeb7a5408a538923a55833f4f985805
s390x	krb5-libs-1.21.1-10.el9_8.s390x.rpm	3850314d9d101d996e5fe1910d525b25d002466a1dbe39d7cc41f5e2e671b080
s390x	krb5-server-ldap-1.21.1-10.el9_8.s390x.rpm	418ef018393cfc337d726e12c5a4133af36eb242d1d9dc2d15130b4d6f5c3a0a
s390x	krb5-devel-1.21.1-10.el9_8.s390x.rpm	769742b09789cb6786bb976adda721e112369e9ebf931373681fba04e107c770
s390x	libkadm5-1.21.1-10.el9_8.s390x.rpm	81ce708600b381cd20dba0d966d2608edb414ca3b74c6031c9dd759ce45ab86e
s390x	krb5-workstation-1.21.1-10.el9_8.s390x.rpm	8e22cde81dad785264cb8363f5ca2fa7b1ed83f9a104033e7b51ef4498ab729a
s390x	krb5-server-1.21.1-10.el9_8.s390x.rpm	9f66caf86b0ca4b41b7e41f0fbfc1b9ae8670d1339f2196dd93ad1b4582aad57
s390x	krb5-xrealmauthz-1.21.1-10.el9_8.s390x.rpm	cf0563c82f8048df4701af2b825ddb43b6110bd9bcf1dc78101a7843b4829568
x86_64	krb5-server-ldap-1.21.1-10.el9_8.x86_64.rpm	349b35295d8362dcd6ad05b6266fe25adf3a733fc9519b1499fe8dc1ac255495
x86_64	krb5-workstation-1.21.1-10.el9_8.x86_64.rpm	3dc9e8a78b7b10bb17e0857907e703b86c38c1e84146aabee261230fec6b5f43
x86_64	libkadm5-1.21.1-10.el9_8.x86_64.rpm	52c46b3bd8f6f87b71a5a287aa609617c778b5da0dae13d504d704aa8b00f26c
x86_64	krb5-libs-1.21.1-10.el9_8.x86_64.rpm	64ee4ce9b42a4d05270a55226366ef979c861efae070a4f6997f1aab2d7fd287
x86_64	krb5-server-1.21.1-10.el9_8.x86_64.rpm	7612f61833795704350287c7c6d76d460621493b57441dc8e1cc327e995170f1
x86_64	krb5-xrealmauthz-1.21.1-10.el9_8.x86_64.rpm	85e3a6b01073bb214300d276df70ece70ac3149e69cc950f59e0a7477704f7e9
x86_64	krb5-devel-1.21.1-10.el9_8.x86_64.rpm	943f164e5960d922e136be0e91817e3797c42d63f31a37ba1c535b8f2279bd5a
x86_64	krb5-pkinit-1.21.1-10.el9_8.x86_64.rpm	aad641194035d777bf9393f2dced57267ff9c08359d82246b3c58b6a1a6a4e01

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.