[ALSA-2026:3034] Important: munge security update
Type:
security
Severity:
important
Release date:
2026-02-26
Description:
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having common users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients within this security realm can create and validate credentials without the use of root privileges, reserved ports, or platform-specific methods. Security Fix(es): * MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery (CVE-2026-25506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 munge-0.5.13-14.el9_7.aarch64.rpm 3c1c364ca48be0ec8a37971fe00dfa1bcc1e30589877c2a3c63b5fd2047d6b0e
aarch64 munge-devel-0.5.13-14.el9_7.aarch64.rpm 81890fa22cd838d4f887ec4687eeb1ddcda3987965f01f431ed4ea7267493bdf
aarch64 munge-libs-0.5.13-14.el9_7.aarch64.rpm 8d736199a06abad858b5ec18d4fc07d000af4a917bd3c1e500a25c29b00d382d
i686 munge-libs-0.5.13-14.el9_7.i686.rpm 8ddb051d9385ede74397db6c178f5e5dea205d96815c247785e629c7904ed4dd
i686 munge-devel-0.5.13-14.el9_7.i686.rpm be16465b5c6dce10c80644157e50f21f9b376aa4c50230a030b9a309f2a73ab0
ppc64le munge-0.5.13-14.el9_7.ppc64le.rpm 086f9afbb3315c3118aa91e13608f6df9cd98a26aada31fe44d6bb613cf794e5
ppc64le munge-devel-0.5.13-14.el9_7.ppc64le.rpm 1174d5bcd49ec9722ea70a545f2e87861e6e10e2704cdb53a687a6e53ce3183b
ppc64le munge-libs-0.5.13-14.el9_7.ppc64le.rpm 1329892b2ef9472617279a0da2bc1ba93a74a81d854f0222d5a7edde1ec2072c
s390x munge-0.5.13-14.el9_7.s390x.rpm 258034719a1d3d27feab9285d8e64dd6121df340ab4a7ed7a18c35083ae99f6a
s390x munge-libs-0.5.13-14.el9_7.s390x.rpm 73fe93eaf2c4e2a93f097091a1239e8b06c8658084ecb5bd96ebe866e379c813
s390x munge-devel-0.5.13-14.el9_7.s390x.rpm 8b0d7a6446fef065c2bfeb38e6c252054ec66f130173fbeae2d7c3d11e55677b
x86_64 munge-0.5.13-14.el9_7.x86_64.rpm 475c8f356d2aa867afeee3a80336cca395c1b9659e5b6eed82cb1e0c5f6b7c20
x86_64 munge-libs-0.5.13-14.el9_7.x86_64.rpm 9c83b853295cba9b3972bbdc74e253347287422593ce39cfe391d1222f6a9bb8
x86_64 munge-devel-0.5.13-14.el9_7.x86_64.rpm a769589d6559cbdbe9a8c7a882b04648d255f1c7fc09f7d46f155932cc519d74
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.