PT-2025-16295 · MIT · MIT Kerberos

Published: 2025-04-15 · Updated: 2025-10-22 · CVE-2025-3576

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

MIT Kerberos (affected versions not specified)

Description

The issue concerns a weakness in the MD5 checksum design, allowing GSSAPI-protected messages that use RC4-HMAC-MD5 to be spoofed. If RC4 is preferred over more robust encryption types, an attacker could exploit MD5 collisions to forge message integrity codes, potentially leading to unauthorized message tampering.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

ALSA-2025:8411
ALSA-2025:9418
ALSA-2025:9430
AZL-60928
BDU:2025-10927
CESA-2025_8411
CVE-2025-3576
DLA-4195-1
ECHO-64EE-F30C-7BC0
INFSA-2025_8411
INFSA-2025_9430
OESA-2025-2124
OESA-2025-2125
OESA-2025-2126
RHSA-2025:13664
RHSA-2025:13777
RHSA-2025:15000
RHSA-2025:15001
RHSA-2025:15002
RHSA-2025:15003
RHSA-2025:15004
RHSA-2025:8411
RHSA-2025:9418
RHSA-2025:9430
RHSA-2025_8411
RHSA-2025_9430
SUSE-SU-2025:03227-1
SUSE-SU-2025:03270-1
SUSE-SU-2025:20719-1
SUSE-SU-2025:3698-1
SUSE-SU-2025:3699-1
SUSE-SU-2025:3729-1
SUSE-SU-2025_3698-1
SUSE-SU-2025_3699-1
USN-7542-1

Affected Products

AlmaLinux
Astra Linux
CentOS
Debian
Linux Mint
MIT Kerberos
Red Hat
Rocky Linux
SUSE
Ubuntu