Red Hat Product Errata RHSA-2026:16799 - Security Advisory Issued: 2026-05-13 Updated: 2026-05-13 RHSA-2026:16799 - Security Advisory Overview Updated Packages Synopsis Important: krb5 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read (CVE-2026-40356) krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism (CVE-2026-40355) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2463368 - CVE-2026-40356 krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read BZ - 2463370 - CVE-2026-40355 krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism CVEs CVE-2026-40355 CVE-2026-40356 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM krb5-1.18.2-34.el8_10.src.rpm SHA-256: cc9462f847f21a7a8081cbb743031b43654fea48e3c8c2872b1e720256f3db95 x86_64 krb5-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: ba724b346b262e8d3b0d9efdc3f4adc90af7c75bfa70a02bfcd42d19f6a62f64 krb5-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: 19cecb993dd93fe4efa622d93d7ab2f85edd2fa96624f8f1e46c701586f628fd krb5-debugsource-1.18.2-34.el8_10.i686.rpm SHA-256: e0fc532ccfa5ca8e543a40a9642b807fb290c7ac645d81829b6157fb6f96756b krb5-debugsource-1.18.2-34.el8_10.x86_64.rpm SHA-256: b0727836a4725c8eb307c9e58985cbd068488c3a53b3c4cfd7f52368da31f14e krb5-devel-1.18.2-34.el8_10.i686.rpm SHA-256: d196974c93513a2d28fe5d9196bbd8e4e2700cdd80312edca8fd5becd4fc20cd krb5-devel-1.18.2-34.el8_10.x86_64.rpm SHA-256: 2337d4bc35fd17bd53af7bb845b02ba7b06c0e403f5790bc61bd790332228bc8 krb5-devel-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: 1ffc909e790df40151b0902234c471fc757858d699c8c66e5f761bfde808beda krb5-devel-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: 0ff9006600ececc65781d86a8be156d5591fc075d44611b4c2d89e6ccc825e90 krb5-libs-1.18.2-34.el8_10.i686.rpm SHA-256: 6936726d48a031757a0eb350c1d827032d769c3e5e93ad1f07502008e1867c9a krb5-libs-1.18.2-34.el8_10.x86_64.rpm SHA-256: 915e6ace44feb19da7128f56c10f357c2f6e6ac06e2c5f35d68cb1289b7ea53d krb5-libs-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: a05995d4cd852679f1c010e4a928153ff5c016cd0fba07a2d58f86253f6abcf2 krb5-libs-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: 5f12efd7c129484f451e36414e7cd2b532ce7ffb90c9431511149a160fa25ef0 krb5-pkinit-1.18.2-34.el8_10.i686.rpm SHA-256: e7e687202fb9835fd1ce3a29e0ed72fd79e0aa367ad34c3ef6a39ed6490e57d5 krb5-pkinit-1.18.2-34.el8_10.x86_64.rpm SHA-256: 2a101516dee9a38bf417bcce3bb6a1ce2fa24fc0eb67b7262e47da3a43d6c33d krb5-pkinit-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: c75ef0a4846d9f5ee917f4e04c286f60d0e82cfa9ea53b17492947ca94e6feca krb5-pkinit-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: 579a66f8035f02a19d37eaaa4edbe93929833221021c5e4bcdbc23ceaeb6a76a krb5-server-1.18.2-34.el8_10.i686.rpm SHA-256: b307e3e1d32f64ba6d825bb257136e865f6b904d63a90cc56b6e04d032702522 krb5-server-1.18.2-34.el8_10.x86_64.rpm SHA-256: 33c198b2f45c252ed74b566509f6d7e80d170fe4a8dad910c2a05006d03fc79a krb5-server-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: 1cea818105a65baf5a33372d248adefb1762a3fa155bb1bb91b23465fd4606ae krb5-server-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: 3855d987cb4252b9942915d8516288b7dc1199b4c6165253c5f4e40bbd082884 krb5-server-ldap-1.18.2-34.el8_10.i686.rpm SHA-256: 642e6e73dd2bdbdcc5a46ad3c33a5f6fa2b8cce9bbeececd6caafb15af8f6ecd krb5-server-ldap-1.18.2-34.el8_10.x86_64.rpm SHA-256: 32c4c15a6b7649b117ab41be8204a308b1ae66040d8285da8317b46d4b001214 krb5-server-ldap-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: d12ef6feb7b68894b9d322c3314f533add4462cf66722c045232e2ab377606e4 krb5-server-ldap-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: b2227810ac49748cf95009c97b3f150a951167f4be5aa1a41d2c337bb5f894d1 krb5-workstation-1.18.2-34.el8_10.x86_64.rpm SHA-256: 8dcfd7bae072e996e8b476ee67fdd55625368777eb20906f5b7f86f527fd1460 krb5-workstation-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: 074852c297c3d6f8b02e5de718a6727c1bb3c06f8faa34c8e1240c61e63bd90f krb5-workstation-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: e0990178d9beb8999504c50c9ea34cfcd21ac6599b74afc12ccb04c4094e6476 libkadm5-1.18.2-34.el8_10.i686.rpm SHA-256: 74bec1d37efc9e45dedf71b1423a0aa54aab3e85febca234fd5b5a89f846b5df libkadm5-1.18.2-34.el8_10.x86_64.rpm SHA-256: 0a22031ce4ffa7c44cddbafca83ecd658395cecc7888a75716b284e871e906ba libkadm5-debuginfo-1.18.2-34.el8_10.i686.rpm SHA-256: cc974e9cec57d10a665863c0471a55239f3d6c79a04452a5c0b8c9e9290e5cf9 libkadm5-debuginfo-1.18.2-34.el8_10.x86_64.rpm SHA-256: d154a8fa282739bd3f5f33beb53bd346f880ac13ce27ae6dca5e2c9785032262 Red Hat Enterprise Linux for IBM z Systems 8 SRPM krb5-1.18.2-34.el8_10.src.rpm SHA-256: cc9462f847f21a7a8081cbb743031b43654fea48e3c8c2872b1e720256f3db95 s390x krb5-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: 77028b8f6afddf44dca091e24dcabdbf336c38cb80ca56cf2e101a9e47cae84c krb5-debugsource-1.18.2-34.el8_10.s390x.rpm SHA-256: 2b4816ca71b302c3ea3a0759ec3bd215f0b0919613b1baac90e362b19eabe8ee krb5-devel-1.18.2-34.el8_10.s390x.rpm SHA-256: cb58ee5db0e4fbe4a0f83f4e2eb034b7f9a3f8e9d05eeef9b7a728a11689aee7 krb5-devel-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: 955e96bf251e158f1723bedf0cd879a3b3eeaca737c9f39a3f7a73b0b9e5e505 krb5-libs-1.18.2-34.el8_10.s390x.rpm SHA-256: 23d74b6fa91958065a76f2cc7e517e5296e0715b3d4ebf4f02a03b447ef495f5 krb5-libs-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: 3a188fd0a3e0ede32480ef0ea038e26a6d59db7b34b43a49701d0dee0c528cf8 krb5-pkinit-1.18.2-34.el8_10.s390x.rpm SHA-256: e72219ae5fbf6633de0a1cc4f14c4c5d87bcc952296931c31c2afb2bd5b40c1d krb5-pkinit-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: c979a21a20b4c0f3af9f2d16c73031dc2c2499946ef0532b1b17734e4230ed11 krb5-server-1.18.2-34.el8_10.s390x.rpm SHA-256: 6d459e9cd9079932ef1de48d7f795a399bbed342326bede4b8d65ac22e59f1a9 krb5-server-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: f2185e0b69d360ed7478ae9fad8f7da5461fcdeca5159f1d9e9965a300a10a90 krb5-server-ldap-1.18.2-34.el8_10.s390x.rpm SHA-256: db9f101880cc8434fbd2a312c92c4ce92a247154f670d8dc576eedfb587607ed krb5-server-ldap-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: 1c6f42ec398b24df7eb629df4aacf79fdbb6777b428ac64340f90f8dc287eb75 krb5-workstation-1.18.2-34.el8_10.s390x.rpm SHA-256: 4572d9dd0190eeaa227b6affffd1fc3722833c885893416ae17f8c0d2940fac8 krb5-workstation-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: f9b6d11a699e20ebeefe60ff7664ff6d5ad8ec0ed063ea46934e68aed63708c8 libkadm5-1.18.2-34.el8_10.s390x.rpm SHA-256: 4719ee46b1978216dfe3b5b2e501e575d69a311d001dc1a635c6f1d24e1713d6 libkadm5-debuginfo-1.18.2-34.el8_10.s390x.rpm SHA-256: aef65db95b56d3057944dbc24c33bab947f821cc23389783881c3ad4f7f69f09 Red Hat Enterprise Linux for Power, little endian 8 SRPM krb5-1.18.2-34.el8_10.src.rpm SHA-256: cc9462f847f21a7a8081cbb743031b43654fea48e3c8c2872b1e720256f3db95 ppc64le krb5-debuginfo-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 0b0472f5d6681c456da9e7a0db83f134c71bdd11463673b3173fb7f415bbb3cd krb5-debugsource-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 9ff8f2d932f324f03146e6a101a4bba5799ad88273d2e959389471c9164e9818 krb5-devel-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 58b3b79c4cb595ba1de6b021c22dd58fbab633c8b79a6a6e698b7924badde9ff krb5-devel-debuginfo-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 68cebb1634898baa9f84f78caabac6e13c2b1f3438eb98fb00dd28c4d43a0aef krb5-libs-1.18.2-34.el8_10.ppc64le.rpm SHA-256: e68975140a8232becf3333e823c6bc49157131481c509b2d6865f3e278fc1aa2 krb5-libs-debuginfo-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 6e49c8c86250a78ee16322e4d2b45dc377cad6299a46fd571d541b44f921b074 krb5-pkinit-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 56fa2b8ea853dc7f4a3ee1ae4a9c353e33d7b93956bd38695bb82bece84da2d1 krb5-pkinit-debuginfo-1.18.2-34.el8_10.ppc64le.rpm SHA-256: d9e60dfcdc53a9eaef6574fac8583746c752ac15464bea9c0f86873b19948e52 krb5-server-1.18.2-34.el8_10.ppc64le.rpm SHA-256: 3f7eda87fed2858a01b371cb1707704b47f685234a0b92531322d3e227ff3349 krb5-server-debuginfo-1.18.2-34.el8_10.ppc64le.rpm SHA-256: c825b708cad120c2c773e6181bd0aa75bae177aaad0169675cd437a8f837bbd4 krb5-server-ldap-1.18.2-34.el8_10.ppc64le.rpm SHA-256: e244b57cc351665a8fd27a799920d20e292b2cd475bcfdfa9c98e55c5af606db krb5-server-ldap-debuginfo-1.1