Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:5884 - Security Advisory
Issued:
2024-08-27
Updated:
2024-08-27

RHSA-2024:5884 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: krb5 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: GSS message token handling (CVE-2024-37371)
  • krb5: GSS message token handling (CVE-2024-37370)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

  • BZ - 2294676 - CVE-2024-37371 krb5: GSS message token handling
  • BZ - 2294677 - CVE-2024-37370 krb5: GSS message token handling

CVEs

  • CVE-2024-37370
  • CVE-2024-37371

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
krb5-1.17-19.el8_2.1.src.rpm SHA-256: dc37f3072a3df71d2dbb1d272f27bfe74c76e468d01ed27c8e2ebf503cd565dc
x86_64
krb5-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 4feef45736a749f4fb6844e362c3bfd68e241c07bb2b72c85ce32c04c1bfebea
krb5-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: 6987233edac5c7d55787d4e0cf41a87d989970c168c52487f27980f3d8fb50bb
krb5-debugsource-1.17-19.el8_2.1.i686.rpm SHA-256: 81d5065d3577c7591bec57d187fb7b4528ca0f152163f3e09db9fd6d82da4045
krb5-debugsource-1.17-19.el8_2.1.x86_64.rpm SHA-256: 1f694db49ddbac06b5d5c9459f70bbe27e9b21482079dab8cf3d4e46a2f1146d
krb5-devel-1.17-19.el8_2.1.i686.rpm SHA-256: f8fb43b496d8c7955ea9407e596c7fbdbf240e19d829da677444229bf4b68f2c
krb5-devel-1.17-19.el8_2.1.x86_64.rpm SHA-256: e1a25f391657528c179c1323769903262727e795e0df5e1b002f89055c300523
krb5-devel-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 47cc97ac17fbd0a8c6d151ca242b72402c4377e88a1ae37bcc2a2caceeb72949
krb5-devel-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: 66cf520a28718a7f9b8572571dcac4f26185fcea10b532c01b96a2c4ff3f6b2f
krb5-libs-1.17-19.el8_2.1.i686.rpm SHA-256: ebcfac90e08cd04e80aa71af603e37fbae88202f9bdf22c5c5dbfae25ffc0d17
krb5-libs-1.17-19.el8_2.1.x86_64.rpm SHA-256: b7cbeab295bffcf8b61b6a2f41cf0506a2350b3053c00f2dda8023b7c1261398
krb5-libs-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 9f6a8d60791c367b49330a3f617c01842196d27d0df286ad62adf47bc317867c
krb5-libs-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: e374835ebcf856d5510cde9b8b9c554c3c4fec9e0dea3c8bf61a72608d3e83dc
krb5-pkinit-1.17-19.el8_2.1.i686.rpm SHA-256: 30ae1bd00f7c425538ccfb5327e60f082ac8653122ce818c7b50dece69f0b6e1
krb5-pkinit-1.17-19.el8_2.1.x86_64.rpm SHA-256: a4e7a7c7cd7c4aca531f9d7104504862544f9023cda8635b2864d0611cf2b1d1
krb5-pkinit-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 8be996eb69b87a573a1ff032356999564d18d2423e9be495820e859f5e449c36
krb5-pkinit-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: cd442b64604f73fbcb04a03be1d419852217abaa6886fedbfaad774d7e040ff8
krb5-server-1.17-19.el8_2.1.i686.rpm SHA-256: 8960b1dfd6e49b30863c3b10f96252ad6b76d61fae1b3b88f9a27e66ec02af2e
krb5-server-1.17-19.el8_2.1.x86_64.rpm SHA-256: ed14b083ea317c27dff9a7da9dd3f03ff7213df809c4f44a2563a9c9f7dbbb55
krb5-server-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 4f3c8007de5c7007795dfa80ad813c256ac576e3b605297e904bf765633202ec
krb5-server-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: 239951aa3cb1364873615a758df24823ef748e41c53a2c7b9bd58ac9e4433ffe
krb5-server-ldap-1.17-19.el8_2.1.i686.rpm SHA-256: 4b72730c7a7d7d63b90b46e607ee60ae810443941956997832a449b4d6982c33
krb5-server-ldap-1.17-19.el8_2.1.x86_64.rpm SHA-256: 4f0f4c0c392c7d83a95403af7d51dc95911a6ee505dcdeb0a4e5f2b4476a66a6
krb5-server-ldap-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: 15d436b1c4ab09c7c9925b3d1f3ebf0bc57a4c3396115e161699a427c3948cf8
krb5-server-ldap-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: 460d77fa8fe727dc307413697d2a26e691c62a075de4e473626026b6dcc66224
krb5-workstation-1.17-19.el8_2.1.x86_64.rpm SHA-256: 8e63d10fe49c2cd633e04f408f12523c62783977c7355fd84140805bc1102064
krb5-workstation-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: d27d0dab9797df3eeff0b3f39e247f9d76694804e029400044e6681ce7dd36a5
krb5-workstation-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: a6915d8961f6ceb5bada57d6d483126ce7ee71657664fdb027c9d0e170d0f3e7
libkadm5-1.17-19.el8_2.1.i686.rpm SHA-256: dd7489d5e15c9bb18a09af0c56dc8a9b1e6cccb0a27200a9f53de30302834779
libkadm5-1.17-19.el8_2.1.x86_64.rpm SHA-256: 331311b201296c9bf951b6e4575968a8d37aa5da90000d6f7d8f08e7ea1ae0a4
libkadm5-debuginfo-1.17-19.el8_2.1.i686.rpm SHA-256: a56fed5bf2f6f089520829b7bda02cbc9bfb5822d432b66a14b2fd6ebfbfa33d
libkadm5-debuginfo-1.17-19.el8_2.1.x86_64.rpm SHA-256: 828ecd440d113db1a273afc6646758929768c10ccda21db1c35083d599ee2b81

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility