Security update for krb5 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:2303-1 Final 1 1 2024-07-04T14:25:47Z current 2024-07-04T14:25:47Z 2024-07-04T14:25:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for krb5 This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle15.3/bci-base:latest-2024-2303,Container suse/sle-micro-rancher/5.2:latest-2024-2303,Container suse/sle-micro/5.1/toolbox:latest-2024-2303,Container suse/sle-micro/5.2/toolbox:latest-2024-2303,Image SLES15-SP3-BYOS-Azure-2024-2303,Image SLES15-SP3-BYOS-EC2-HVM-2024-2303,Image SLES15-SP3-BYOS-GCE-2024-2303,Image SLES15-SP3-CHOST-BYOS-Aliyun-2024-2303,Image SLES15-SP3-CHOST-BYOS-Azure-2024-2303,Image SLES15-SP3-CHOST-BYOS-EC2-2024-2303,Image SLES15-SP3-CHOST-BYOS-GCE-2024-2303,Image SLES15-SP3-CHOST-BYOS-SAP-CCloud-2024-2303,Image SLES15-SP3-HPC-BYOS-Azure-2024-2303,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2024-2303,Image SLES15-SP3-HPC-BYOS-GCE-2024-2303,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2024-2303,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2024-2303,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2024-2303,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2024-2303,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2024-2303,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2024-2303,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2024-2303,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2024-2303,Image SLES15-SP3-SAP-BYOS-Azure-2024-2303,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2024-2303,Image SLES15-SP3-SAP-BYOS-GCE-2024-2303,Image SLES15-SP3-SAPCAL-Azure-2024-2303,Image SLES15-SP3-SAPCAL-EC2-HVM-2024-2303,Image SLES15-SP3-SAPCAL-GCE-2024-2303,SUSE-2024-2303,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2303,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2303,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2303,SUSE-SUSE-MicroOS-5.1-2024-2303,SUSE-SUSE-MicroOS-5.2-2024-2303,SUSE-Storage-7.1-2024-2303 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20242303-1/ Link for SUSE-SU-2024:2303-1 https://lists.suse.com/pipermail/sle-updates/2024-July/035823.html E-Mail link for SUSE-SU-2024:2303-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1227186 SUSE Bug 1227186 https://bugzilla.suse.com/1227187 SUSE Bug 1227187 https://www.suse.com/security/cve/CVE-2024-37370/ SUSE CVE CVE-2024-37370 page https://www.suse.com/security/cve/CVE-2024-37371/ SUSE CVE CVE-2024-37371 page Container suse/ltss/sle15.3/bci-base:latest Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.1/toolbox:latest Container suse/sle-micro/5.2/toolbox:latest Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-SAP-CCloud Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-1.19.2-150300.19.1 krb5-client-1.19.2-150300.19.1 krb5-32bit-1.19.2-150300.19.1 krb5-64bit-1.19.2-150300.19.1 krb5-devel-1.19.2-150300.19.1 krb5-devel-32bit-1.19.2-150300.19.1 krb5-devel-64bit-1.19.2-150300.19.1 krb5-mini-1.19.2-150300.19.1 krb5-mini-devel-1.19.2-150300.19.1 krb5-plugin-kdb-ldap-1.19.2-150300.19.1 krb5-plugin-preauth-otp-1.19.2-150300.19.1 krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 krb5-plugin-preauth-spake-1.19.2-150300.19.1 krb5-server-1.19.2-150300.19.1 krb5-1.19.2-150300.19.1 as a component of Container suse/ltss/sle15.3/bci-base:latest krb5-1.19.2-150300.19.1 as a component of Container suse/sle-micro-rancher/5.2:latest krb5-1.19.2-150300.19.1 as a component of Container suse/sle-micro/5.1/toolbox:latest krb5-1.19.2-150300.19.1 as a component of Container suse/sle-micro/5.2/toolbox:latest krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-Azure krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-GCE krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-CHOST-BYOS-SAP-CCloud krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production krb5-32bit-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production krb5-32bit-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-Azure krb5-32bit-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-Azure krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-Azure krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM krb5-32bit-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM krb5-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-GCE krb5-32bit-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-GCE krb5-client-1.19.2-150300.19.1 as a component of Image SLES15-SP3-SAPCAL-GCE krb5-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-32bit-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-client-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-devel-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-plugin-kdb-ldap-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-plugin-preauth-otp-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-plugin-preauth-spake-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-server-1.19.2-150300.19.1 as a component of SUSE Enterprise Storage 7.1 krb5-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-32bit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-client-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-devel-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-plugin-kdb-ldap-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-plugin-preauth-otp-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-plugin-preauth-spake-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-server-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS krb5-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Micro 5.1 krb5-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Micro 5.2 krb5-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-32bit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-client-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-devel-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-plugin-kdb-ldap-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-plugin-preauth-otp-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-plugin-preauth-spake-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-server-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS krb5-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-32bit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-client-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-devel-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-plugin-kdb-ldap-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-plugin-preauth-otp-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-plugin-preauth-spake-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 krb5-server-1.19.2-150300.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. CVE-2024-37370 Container suse/ltss/sle15.3/bci-base:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro-rancher/5.2:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro/5.1/toolbox:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro/5.2/toolbox:latest:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-EC2:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-client-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-32bit-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-client-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-devel-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise Micro 5.1:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Micro 5.2:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-server-1.19.2-150300.19.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242303-1/ https://www.suse.com/security/cve/CVE-2024-37370.html CVE-2024-37370 https://bugzilla.suse.com/1227186 SUSE Bug 1227186 https://bugzilla.suse.com/1227187 SUSE Bug 1227187 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. CVE-2024-37371 Container suse/ltss/sle15.3/bci-base:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro-rancher/5.2:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro/5.1/toolbox:latest:krb5-1.19.2-150300.19.1 Container suse/sle-micro/5.2/toolbox:latest:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-EC2:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-HPC-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAP-BYOS-GCE:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-Azure:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-EC2-HVM:krb5-client-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-32bit-1.19.2-150300.19.1 Image SLES15-SP3-SAPCAL-GCE:krb5-client-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-32bit-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-client-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-devel-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Enterprise Storage 7.1:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise Micro 5.1:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Micro 5.2:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise Server 15 SP3-LTSS:krb5-server-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-32bit-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-client-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-devel-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-kdb-ldap-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-otp-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-plugin-preauth-spake-1.19.2-150300.19.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:krb5-server-1.19.2-150300.19.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242303-1/ https://www.suse.com/security/cve/CVE-2024-37371.html CVE-2024-37371 https://bugzilla.suse.com/1227186 SUSE Bug 1227186 https://bugzilla.suse.com/1227187 SUSE Bug 1227187