PT-2026-34691 — Julia Kerberos Krb5 Jll

PT-2026-34691 · Julia · Kerberos Krb5 Jll

Published

2026-04-13

Updated

2026-04-13

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

lib/kadm5/kadm rpc xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because xdr kadm5 principal ent rec does not validate the relationship between n key data and the key data array count.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

JLSEC-2026-92

Affected Products

Kerberos Krb5 Jll