CVE-2024-26461

ADVISORY - ubuntu

Summary

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

EPSS Score⁠: 0.00046 (0.141)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - redhat

CWE-401⁠

Missing Release of Memory after Effective Lifetime

Impacted images

Advisories

Ubuntu

CREATED

1 year ago

UPDATED

10 days ago

ADVISORY IDCVE-2024-26461⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
ubuntu/krb5	deb	ubuntu	22.04	<1.19.2-2ubuntu0.6	1.19.2-2ubuntu0.6
ubuntu/krb5	deb	ubuntu	24.04	<1.20.1-6ubuntu2.5	1.20.1-6ubuntu2.5
ubuntu/krb5	deb	ubuntu	24.10	<1.21.3-3ubuntu0.2	1.21.3-3ubuntu0.2
ubuntu/krb5	deb	ubuntu	23.10	>=0	Not yet available
ubuntu/krb5	deb	ubuntu	25.04	<1.21.3-4ubuntu2	1.21.3-4ubuntu2
ubuntu/krb5	deb	ubuntu	16.04	>=0	Not yet available
ubuntu/krb5	deb	ubuntu	20.04	<1.17-6ubuntu4.9	1.17-6ubuntu4.9
ubuntu/krb5	deb	ubuntu	18.04	>=0	Not yet available
ubuntu/krb5	deb	ubuntu	14.04	>=0	Not yet available

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

1 year ago

UPDATED

6 months ago

ADVISORY IDCVE-2024-26461⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

7.5high

Debian

CREATED

1 year ago

UPDATED

4 hours ago

ADVISORY IDCVE-2024-26461⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2024:3268⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Alma

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY IDALSA-2024:9331⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2-2024-2512⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2023-2024-586⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

1 year ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-26461⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-401⁠

CVSS SCORE

5.9low

Rocky

CREATED

11 months ago

UPDATED

2 months ago

ADVISORY IDRLSA-2024:3268⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2024-3268⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY IDELSA-2024-9331⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium