Security Advisory

CVE-2025-24528

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-16 00:00:00

Last updated 2026-01-16 18:06:59

Assigner mitre

State PUBLISHED

Description

In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.

← Browse all CVEs View on cve.org ↗