Security News

Cybersecurity news aggregator


RHSA-2026:19145: Important: krb5 security update

This security update addresses two Important-severity Denial of Service vulnerabilities in MIT Kerberos 5 (krb5): CVE-2026-40356 via integer underflow and out-of-bounds read, and CVE-2026-40355 via a NULL pointer dereference in the NegoEx mechanism, both with a CVSS score of 5.9 (Medium). The vulnerabilities affect Red Hat Enterprise Linux 10, and a patch is available through the referenced Red Hat security advisory.

Red Hat Product Errata
RHSA-2026:19145 - Security Advisory
Issued: 2026-05-19
Updated: 2026-05-19

Synopsis
Important: krb5 security update

Type/Severity
Security Advisory: Important

Topic
An update for krb5 is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read (CVE-2026-40356)
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism (CVE-2026-40355)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x

Fixes
BZ - 2463368 - CVE-2026-40356 krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
BZ - 2463370 - CVE-2026-40355 krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism

CVEs
CVE-2026-40355
CVE-2026-40356

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.