Test ID:	1.3.6.1.4.1.25623.1.0.887296
Category:	Fedora Local Security Checks
Title:	Fedora: Security Advisory (FEDORA-2024-df2c70dba9)
Summary:	The remote host is missing an update for the 'krb5' package(s) announced via the FEDORA-2024-df2c70dba9 advisory.
Description:	Summary: The remote host is missing an update for the 'krb5' package(s) announced via the FEDORA-2024-df2c70dba9 advisory. Vulnerability Insight: This update fixes multiple CVEs and rebases to the latest upstream version: ``` * Tue Jul 09 2024 Julien Rische - 1.21.3-1 - New upstream version (1.21.3) - CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c Resolves: rhbz#2266732 - CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c Resolves: rhbz#2266741 - CVE-2024-26462: Memory leak in src/kdc/ndr.c Resolves: rhbz#2266743 - Add missing SPDX license identifiers Resolves: rhbz#2265333 * Mon Jul 08 2024 Julien Rische - 1.21.2-6 - CVE-2024-37370 CVE-2024-37371: GSS message token handling Resolves: rhbz#2294678 rhbz#2294680 - Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Do not include files with '~ ' termination in krb5-tests ``` Affected Software/OS: 'krb5' package(s) on Fedora 39. Solution: Please install the updated package(s). CVSS Score: 9.4 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-26458 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md Common Vulnerability Exposure (CVE) ID: CVE-2024-26461 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md Common Vulnerability Exposure (CVE) ID: CVE-2024-26462 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md Common Vulnerability Exposure (CVE) ID: CVE-2024-37370 Common Vulnerability Exposure (CVE) ID: CVE-2024-37371
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.