Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:8860 - Security Advisory
Issued:
2024-11-05
Updated:
2024-11-05

RHSA-2024:8860 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: krb5 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for krb5 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • freeradius: forgery attack (CVE-2024-3596)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2263240 - CVE-2024-3596 freeradius: forgery attack
  • RHEL-50253 - libkrad: implement support for Message-Authenticator (CVE-2024-3596) [rhel-8]

CVEs

  • CVE-2024-3596

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
krb5-1.18.2-30.el8_10.src.rpm SHA-256: fa725e43b4eca8b62d098c2167243b2e27ff759d007bbe33e71ba3fd0d63c8d3
x86_64
krb5-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: 68f0361df1107dc4c1d3a49cab995ce3ca6162d11f0c38a73e98f3f3211ef708
krb5-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: ff62962eb824f005d8658ee8a99ac7ea61e05269abeb33704fa92a0785a6520c
krb5-debugsource-1.18.2-30.el8_10.i686.rpm SHA-256: d5561746467561fab555d78b32745a07520662ed1ebce63da0f584c4d5cecac3
krb5-debugsource-1.18.2-30.el8_10.x86_64.rpm SHA-256: 01c67b7d99c64b901318355c39e4d8bb145dfaaa55dac246d83626846f62ab21
krb5-devel-1.18.2-30.el8_10.i686.rpm SHA-256: 05ac9049c2b949676d5c214c976c72303d4e89892a5b3887bca82c2f6ceb8196
krb5-devel-1.18.2-30.el8_10.x86_64.rpm SHA-256: ee3da20c7fc382085b221afcef0d7d3fc5d865e23b1d275bc66049445121813c
krb5-devel-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: efd3aae064bc49b78ad6308bc0f871460f84b00b28fb1aefaf338b594440b60f
krb5-devel-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 9353b27e818a1919537f310a31d4a0a8e5d68002937a95895df616b5b129bd4c
krb5-libs-1.18.2-30.el8_10.i686.rpm SHA-256: 6b16e9307396cb30c62d7e62fc0321f460d532c039ecdb4fa433be688ac9da1f
krb5-libs-1.18.2-30.el8_10.x86_64.rpm SHA-256: 7da8bc32d2305607182730d46e91c3fca92362aa19dd9730a24eef774c8bb4fd
krb5-libs-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: 3a2b24880117843435615ed59118e331046acdc0b4e511693c5736539d1110a4
krb5-libs-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 509ea90452802b26b9cb803f09a361e32819b9e865c2be256846316755533f1b
krb5-pkinit-1.18.2-30.el8_10.i686.rpm SHA-256: 78b6b773bf19c0b63f65088e2d824895a3305bf732cd1e3c1bedd364a9c2e7f3
krb5-pkinit-1.18.2-30.el8_10.x86_64.rpm SHA-256: e094751b53eed1f07e6194c5d34ca462b201234b48d604ed1e4ba6460e58530c
krb5-pkinit-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: 1cf82942054e4af0bbb462bf07f22c8608d644c8c36647174ddbf2053eb20d03
krb5-pkinit-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 3a06ae2b464f1d8d6dfa71e4391727f364978e4b7f6f2ffe578e29a45fa2b36f
krb5-server-1.18.2-30.el8_10.i686.rpm SHA-256: d1243909bff4b226e30fcae4dab0d28c52645f2144e801c1d0f8f98bd70c4771
krb5-server-1.18.2-30.el8_10.x86_64.rpm SHA-256: 929edccdfcd4a23d2df906875b492fb1b32e3a7481f0ad6a784e37f5b23fb3fc
krb5-server-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: bcea9b1d373b015e81df2f8944b6fa025c5e745bc0e3281e0494fab07aac5e37
krb5-server-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 2d1c52b5be06753e9a607b29edf3520eed24a4e486661e04e71311bdffdef053
krb5-server-ldap-1.18.2-30.el8_10.i686.rpm SHA-256: bac9903d84a939bc703982d13eb8cc68fa91663b46075523dbd8a4ba9150d1fb
krb5-server-ldap-1.18.2-30.el8_10.x86_64.rpm SHA-256: 5c532835b6edc1ed5274a6cba4185098dd3aea3efd6e806a4cb5853dad168116
krb5-server-ldap-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: bfdcbe38e243b1bd952f5a2aa8b493439528bf6f7a48b323f40f97b53c62c6c4
krb5-server-ldap-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 6a4c9b73ad801952d136694a6bdd8ad43fde7b728b25562f4df42271a57b9485
krb5-workstation-1.18.2-30.el8_10.x86_64.rpm SHA-256: dd672c425db0182a48d3877eeb7ca89dd5e1f195e3b61028817dfe228fbaf88b
krb5-workstation-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: 693febad5863895dd78937fd15400c2927986d1127e45bc59e53ef8a3c2a021e
krb5-workstation-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 81febb55f0fa4a01471047a309fb5ebc2482b72033bfd2d95b9dc93a5590dfa4
libkadm5-1.18.2-30.el8_10.i686.rpm SHA-256: f2a10a59f9ef24f720a331b55ad572a9511791beed7e654f82a673027a474380
libkadm5-1.18.2-30.el8_10.x86_64.rpm SHA-256: 9ed4bdba1758223305a89f39cd742ec63c273bd70673f3752b1d5a359905c371
libkadm5-debuginfo-1.18.2-30.el8_10.i686.rpm SHA-256: 66ec7e804d0f6a811806af4d097f8c125e7c4a5ae469b21e2b34d70a1f35666a
libkadm5-debuginfo-1.18.2-30.el8_10.x86_64.rpm SHA-256: 33c5bfcff992665cfb06a57e9fbdfe7011854f0f44f9afc66e773eb6543e6d98

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
krb5-1.18.2-30.el8_10.src.rpm SHA-256: fa725e43b4eca8b62d098c2167243b2e27ff759d007bbe33e71ba3fd0d63c8d3
s390x
krb5-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: c59acd547e86fe1a022a01bdb8a9cb6e539d691e96bffca246dbc1e556f7df60
krb5-debugsource-1.18.2-30.el8_10.s390x.rpm SHA-256: 3d4c4fd68b8db15410528416e3c42a87999a0b1d61973a89e4d6091c2350b1f9
krb5-devel-1.18.2-30.el8_10.s390x.rpm SHA-256: d603e4bee8b67594b7c2284d2820ca3a745f7a8bb28f262dd7c2edabfa1c79ca
krb5-devel-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: 6b89dc57c4c963cf388370619105157549bc2049ed2e6bcb0884c9d53aa17eca
krb5-libs-1.18.2-30.el8_10.s390x.rpm SHA-256: d01db24f0b83ac844b902f50d63b98570b2503a0631309f6f081e53e5a1f3c8a
krb5-libs-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: bacabc52841b3695bddb5f0c835ca1466b55b7ab354632be32b977ad35414a4d
krb5-pkinit-1.18.2-30.el8_10.s390x.rpm SHA-256: 0fd6d5f4b9cbf449e77e3891e4156c953e5571aee9e3a442013dcfa5c99d1ca3
krb5-pkinit-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: 4b6c4b37f248c6d8436a00a0404d3fabc2d63c0fa6a7be9cf7d9a73be8fd1775
krb5-server-1.18.2-30.el8_10.s390x.rpm SHA-256: 8ce18175de3def15e769b3eb7e9e6ddd070dd78ad490f1595f437b1534da3aca
krb5-server-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: d1fd125922b6581ada0f70992d4522d4490562bee2b97902c2340324b0907a8b
krb5-server-ldap-1.18.2-30.el8_10.s390x.rpm SHA-256: aede05a8ee4d778e2dbffd50fd6f8c74b125c2b958bf2a83f8618388b495c1aa
krb5-server-ldap-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: 07a84d03c599991506cb1c252a0090d1dcc6ff12e93886b225c57aecf2d582a8
krb5-workstation-1.18.2-30.el8_10.s390x.rpm SHA-256: e5050dda8405641a312e23d016f81343ad4729eba55699983e875f8c83f3573e
krb5-workstation-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: 3d56dd297cfe7ead84204895c1e9e76c2524b5cf179893c6cfd63809c9ae91d2
libkadm5-1.18.2-30.el8_10.s390x.rpm SHA-256: 80f3d8fdb3a7b45371157efdce30964823e279c11e98fad7a3b5e725fc8dba5e
libkadm5-debuginfo-1.18.2-30.el8_10.s390x.rpm SHA-256: 7f7744662937935f430ba54aaed2ee860f127b6050bbdc6782a40499e896b11d

Red Hat Enterprise Linux for Power, little endian 8

SRPM
krb5-1.18.2-30.el8_10.src.rpm SHA-256: fa725e43b4eca8b62d098c2167243b2e27ff759d007bbe33e71ba3fd0d63c8d3
ppc64le
krb5-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 511219e384580f0fe9c68c2e6502d6ebaef4f8a648c134a37d65039b7c0df405
krb5-debugsource-1.18.2-30.el8_10.ppc64le.rpm SHA-256: b2ecf2fdfd73a1b4e6a980a57181bff8788f93f497485cb350d526c1d49a76c5
krb5-devel-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 909ba69367225509ec4b3e011ccd0e762f0d811295568d2390d2c74d8fb698c9
krb5-devel-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 75b8f38147f86053e3cbc84d2f7ec4f689acf05216daebffb3e02245ab2d5859
krb5-libs-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 6ef5b146157f155d78d7b27e4bb52375ecd766cb9b75df707543bcfce968455a
krb5-libs-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 2bb60c258bb19f9653358cee727e243d27d5a4b0381a180cab6fbc4dc1b1a55d
krb5-pkinit-1.18.2-30.el8_10.ppc64le.rpm SHA-256: fc12a80de66996733e4d59157f9b0e660c97444b79bd8206280689a416c894c9
krb5-pkinit-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: faabfd014be46d0c4342126201491d34f8f2eeb1000500fa65c5501c635f3a90
krb5-server-1.18.2-30.el8_10.ppc64le.rpm SHA-256: e8ff05c399f4f88876b95d68ffa0d0dcb8e354b96e4b9b63875c4923b1453316
krb5-server-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 3bb144a968c7650b053d581949cc356fa660769cab15df36f080a209aefe5bcb
krb5-server-ldap-1.18.2-30.el8_10.ppc64le.rpm SHA-256: d230d821f216071616f356e8fbca8fbb0a118867d5a278df525921182424a1d9
krb5-server-ldap-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: dde1f2b3814c5b0b42a5a7dc8f3d3263ddaf0a16c86a15d67e025d9bfcca406c
krb5-workstation-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 408c544f81da427aa1f7848ed7b9c044dbb188681a105228cfcab3c1c13a2c21
krb5-workstation-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: c681a56d185edc4c034811847e60352fd3751293008b4cd44ffa4b944dfc89e3
libkadm5-1.18.2-30.el8_10.ppc64le.rpm SHA-256: 96529e74378ecc6b9e7c3735adf366a85a9cc27437b87c6fbf4e465cafbc11e1
libkadm5-debuginfo-1.18.2-30.el8_10.ppc64le.rpm SHA-256: ad650a69bdb130babe3ee6a9e61ea2a087a289bfe671ab4243ee1f6ba8fc320c

Red Hat Enterprise Linux for ARM 64 8

SRPM
krb5-1.18.2-30.el8_10.src.rpm SHA-256: fa725e43b4eca8b62d098c2167243b2e27ff759d007bbe33e71ba3fd0d63c8d3
aarch64
krb5-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: f825ed1b0422dcd9d85007cca4a01466f3a0dafeefa9836bd753a5a7383bd3e5
krb5-debugsource-1.18.2-30.el8_10.aarch64.rpm SHA-256: fd911057336bdefe9ff83032e7987a8c11e9bebd7d7094f2c0671bec69234e8b
krb5-devel-1.18.2-30.el8_10.aarch64.rpm SHA-256: 40bc63d64a799f73235b0ab98963131c42310f10f6007f109d3f7c2049d80452
krb5-devel-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: 3b535deb25fe98a15ef463419aa361f5ef145d76c238da8eb338223e6aab66fc
krb5-libs-1.18.2-30.el8_10.aarch64.rpm SHA-256: 72446ade3ce73c634ec5f66344ab61706e383c1b86fcec4c88662bfd292ea9c4
krb5-libs-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: b163045dc765eba1d73df2c2896aa05c253554743a827bca1dfdb2b3ee349b17
krb5-pkinit-1.18.2-30.el8_10.aarch64.rpm SHA-256: 2a276e8877d44c4e057a96a1c93efa5d666f2b6ab0412d401749094f196b39fd
krb5-pkinit-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: fed2d408a74e16c3cfa517090418b1f19a05a41a9bd6e911d039831c0ad9b318
krb5-server-1.18.2-30.el8_10.aarch64.rpm SHA-256: 018cb018a24427bb3da7fc4166f9a4a731f311e500cc340014b7bcd5bc49e607
krb5-server-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: 2ddbe0c3ae22a79f4adf600f5875303f78afc99d865e5f9605a1fe56dd1e2f1c
krb5-server-ldap-1.18.2-30.el8_10.aarch64.rpm SHA-256: 9f307df4fb1db61af10129f504a669ba07702d2576b6029dbc0f2cac896a1ed4
krb5-server-ldap-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: 99472baffb684b09bb0df1809aaba8a6db0b63b4b14deff25ca62da3672b1cb7
krb5-workstation-1.18.2-30.el8_10.aarch64.rpm SHA-256: e29a13635fcee8c7b1df8d369e2829097dd457420b0a0b1095262864f717289d
krb5-workstation-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: cca02542a5771fccd508aacb9a2f8ca5e3b71cf075e080ec6e85c23f4824ba97
libkadm5-1.18.2-30.el8_10.aarch64.rpm SHA-256: 74bbdc0852e6a4300b3a2415ccd6592976d41bb6e3c38d771396496cbf271cdf
libkadm5-debuginfo-1.18.2-30.el8_10.aarch64.rpm SHA-256: 867916bfa6af83cf3dfc50d9f983b207dcd5cb8a19acb03972f6009567fd3230

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility