A krb5 security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a potential Denial of Service (DoS) attack issue.
ELA-753-1 krb5 security update
Package : krb5
ELA-753-1 krb5 security update
Version : 1.12.1+dfsg-19+deb8u7 (jessie), 1.15-1+deb9u4 (stretch)
Related CVEs :
CVE-2022-42898
It was discovered that there was a potential Denial of Service (DoS) attack against krb5, a suite of tools implementing the Kerberos authentication system. An integer overflow in PAC parsing could have been exploited if a cross-realm entity acted maliciously.
