CVERadar

CVE-2024-26458

Medium Severity
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.00106/1

CVE-2024-26458 is a memory leak vulnerability found in Kerberos 5 (krb5) version 1.21.2, specifically within the /krb5/src/lib/rpc/pmap_rmt.c file. This vulnerability can lead to resource exhaustion and potentially impact system stability. While the CVSS score is 0, indicating a low base severity, the SOCRadar Vulnerability Risk Score (SVRS) is 30 and it's tagged as "In The Wild". This suggests that although the CVSS score is low, it needs to be monitored closely. Continuous memory leaks can degrade performance over time. Kerberos is a widely used authentication protocol, so this flaw could affect numerous systems. Organizations should monitor this CVE for potential exploitation attempts and consider patching when available.

In The Wild
2024-02-29

2024-05-14
SOCRadar AI Insight

Description

CVE-2024-26458 affects Kerberos 5 (krb5) version 1.21.2, specifically within the /krb5/src/lib/rpc/pmap_rmt.c component. The vulnerability manifests as a memory leak, potentially leading to resource depletion and system instability. While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a moderate risk level.

Key Insights

  • Memory Leak: The vulnerability causes a memory leak, which can lead to resource depletion and system instability. This can potentially disrupt critical services relying on Kerberos for authentication.
  • Impact on Kerberos: The memory leak is located in the Kerberos 5 authentication system, impacting its functionality and security.
  • Active Exploitation: The CVE is tagged "In The Wild," indicating that attackers are actively exploiting this vulnerability.
  • No Public Exploits: Despite active exploitation, no publicly available exploits have been identified. This means attackers are likely using custom-developed tools to exploit this vulnerability.

Mitigation Strategies

  1. Update Kerberos: Patching the affected version of Kerberos to 1.21.3 or later is the most effective way to mitigate this vulnerability.
  2. Implement Access Controls: Limit access to the vulnerable Kerberos component to only authorized users and applications.
  3. Monitor System Resources: Closely monitor system resources, particularly memory usage, for signs of resource depletion. This can help identify potential exploitation attempts.
  4. Security Awareness: Raise awareness among system administrators and users about the vulnerability and the potential risks involved.

Additional Information: If you have further questions regarding this incident, you can utilize the "Ask to Analyst" feature, contact SOCRadar directly, or open a support ticket for additional information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

USN-7314-1: Kerberos vulnerabilities
Source: ubuntu.com, 2025-03-03
USN-7314-1: Kerberos vulnerabilities | It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory, leading to a denial of service. (CVE-2024-26458, CVE-2024-26461) It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-26462) It was discovered that the Kerberos kadmind daemon incorrectly handled log files when incremental propagation was enabled. An authenticated

CVE-2024-26458 | MIT Kerberos 5 1.21.2 pmap_rmt.c memory leak (Nessus ID 210816)
Source: vuldb.com, 2024-12-06
CVE-2024-26458 | MIT Kerberos 5 1.21.2 pmap_rmt.c memory leak (Nessus ID 210816) | A vulnerability, which was classified as problematic, has been found in MIT Kerberos 5 1.21.2. This issue affects some unknown processing in the library /krb5/src/lib/rpc/pmap_rmt.c. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2024-26458. The attack can only be done within the local network

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference: [email protected]
Link: https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md

Reference: [email protected]
Link: https://security.netapp.com/advisory/ntap-20240415-0010/

CWE Details

No CWE details found for this CVE
