Bug 2342798

Summary: Prevent overflow when calculating ulog block size (CVE-2025-24528) [fedora]
Product: [Fedora] Fedora Reporter: Julien Rische <jrische>
Component: krb5Assignee: Julien Rische <jrische>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: abokovoy, antorres, ftrivino, jrische, j, sbose, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: krb5-1.21.3-5.fc42 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2025-01-30 22:08:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Julien Rische 2025-01-29 13:53:24 UTC 
In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash.

Reproducible: Always
Comment 1 Fedora Update System 2025-01-29 18:50:19 UTC 
FEDORA-2025-51a9c78142 (krb5-1.21.3-5.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-51a9c78142
Comment 2 Fedora Update System 2025-01-30 22:08:04 UTC 
FEDORA-2025-51a9c78142 (krb5-1.21.3-5.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.