Red Hat Product Errata RHSA-2026:24686 - Security Advisory Issued: 2026-06-09 Updated: 2026-06-09 RHSA-2026:24686 - Security Advisory Overview Updated Packages Synopsis Important: krb5 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for krb5 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read (CVE-2026-40356) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2463368 - CVE-2026-40356 krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read CVEs CVE-2026-40356 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.4 SRPM krb5-1.21.1-2.el9_4.5.src.rpm SHA-256: 380202fd2335a9d2c261264c014ec2d7a4194c2b7f8a9bdceb6a3ebb262902eb x86_64 krb5-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 12035d546344e49fe39d66258a4ee352c9cd60a61fb9d6437f5ce2c6a75159b9 krb5-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 12035d546344e49fe39d66258a4ee352c9cd60a61fb9d6437f5ce2c6a75159b9 krb5-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 3ed25cfc48ba3700b3a7ae756c30961f8919c451ef253c2c35d901ab9451a41f krb5-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 3ed25cfc48ba3700b3a7ae756c30961f8919c451ef253c2c35d901ab9451a41f krb5-debugsource-1.21.1-2.el9_4.5.i686.rpm SHA-256: bd2a4137e9cc7e9d360a0f4728dbe3ec98fc9b4a373e90abce78fed60f81fd74 krb5-debugsource-1.21.1-2.el9_4.5.i686.rpm SHA-256: bd2a4137e9cc7e9d360a0f4728dbe3ec98fc9b4a373e90abce78fed60f81fd74 krb5-debugsource-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: e70ce7e88dd49592312d36d7e1b09f71ef9435aefe1f155c625b5b85a8262650 krb5-debugsource-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: e70ce7e88dd49592312d36d7e1b09f71ef9435aefe1f155c625b5b85a8262650 krb5-devel-1.21.1-2.el9_4.5.i686.rpm SHA-256: c6cab2216e7b427b849e1b583c37f6319f11091d4fa3b62c1a95259daa48acfd krb5-devel-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: e5825bffd01652ff3b6d852e1f20e70bdf8c653013248fbc352017d3e9eda510 krb5-libs-1.21.1-2.el9_4.5.i686.rpm SHA-256: 97320d2518cba4e027ccb276d1ea4babef533caa7944b01a41190f11c3705f10 krb5-libs-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: eb821fb21c4b35b5494861356aeaf8e7a7fd206729405783fc4b058100c152f6 krb5-libs-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 32b9df2fd9b8b8cc376005e9d1d24def20662cd55b62e7838cc6b4046017c03f krb5-libs-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 32b9df2fd9b8b8cc376005e9d1d24def20662cd55b62e7838cc6b4046017c03f krb5-libs-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: c2113fddb841891527faf5d09d728a0fda1f31b3c28b592e42cc72f95b3b3abf krb5-libs-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: c2113fddb841891527faf5d09d728a0fda1f31b3c28b592e42cc72f95b3b3abf krb5-pkinit-1.21.1-2.el9_4.5.i686.rpm SHA-256: 84309fdac8d53de5c48f96b9c32fe7c1623ebb28cd04d3d11a45b94abd595e4b krb5-pkinit-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 809a04b2df578e7ce6e631217938b297d5ce25d03206a3c1fc705247505f765e krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 7e4f45bb34998e78733461a5e75e8d006368511a70b1bed3ad4c22e1ca8389cd krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 7e4f45bb34998e78733461a5e75e8d006368511a70b1bed3ad4c22e1ca8389cd krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: b3e7055c5087665815b8b24decfdf17786e821969660cf517f75c0a96616d07a krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: b3e7055c5087665815b8b24decfdf17786e821969660cf517f75c0a96616d07a krb5-server-1.21.1-2.el9_4.5.i686.rpm SHA-256: 199463488612eac7fd7182818095ba9880efef235fd71bbf8688789f4313352f krb5-server-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 3f6d3173b54893e1ae931db3a9d41ad7643e16bb7a7cc2b9fdd38e7177a96d55 krb5-server-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 845476563692615b4ebb91d9c12e3858ea8dcf35edfee7cabb19750229379b40 krb5-server-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 845476563692615b4ebb91d9c12e3858ea8dcf35edfee7cabb19750229379b40 krb5-server-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: c4c8d54d07ad847783999857f1e6328e5dc0ed54f05a06b0dec57f34d0f1df1f krb5-server-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: c4c8d54d07ad847783999857f1e6328e5dc0ed54f05a06b0dec57f34d0f1df1f krb5-server-ldap-1.21.1-2.el9_4.5.i686.rpm SHA-256: 32e5021b567ee821303384bbc16899ff23be13e16bd442ed278bb4386ad1743d krb5-server-ldap-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 1b7429f28b3ceb8ec6e5f132b83695dd6be97b6b6412c994e07c05379abe5207 krb5-server-ldap-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: d2d2bc0723099fcef309fb566a1f42859966de0f386896752f31e01bb32f3a35 krb5-server-ldap-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: d2d2bc0723099fcef309fb566a1f42859966de0f386896752f31e01bb32f3a35 krb5-server-ldap-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 6fcb99048b4294ad8ba51fa218486c9a5cfa1cfe11006bcd558b42cca6f7999d krb5-server-ldap-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 6fcb99048b4294ad8ba51fa218486c9a5cfa1cfe11006bcd558b42cca6f7999d krb5-workstation-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: d327bf72e59df0247eade749268e0e4aefe82ed5476983a011c63ce2cdcb1328 krb5-workstation-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 755c419ab17ddfa0a63da5ffde513de68897a63856dcb61131636cf754163961 krb5-workstation-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 755c419ab17ddfa0a63da5ffde513de68897a63856dcb61131636cf754163961 krb5-workstation-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: b1b26e9d4d5fdd975b594803cf435f7fc91068599d3071ca893f355be5593ecf krb5-workstation-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: b1b26e9d4d5fdd975b594803cf435f7fc91068599d3071ca893f355be5593ecf libkadm5-1.21.1-2.el9_4.5.i686.rpm SHA-256: e393d317faa1cf7c4bcd39a3a52f40cc4d7278649621722c109f587fe55f9336 libkadm5-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: ad41c23769298d53c28f7a03bf07a7a348e28331f6c215715e337d149989bb28 libkadm5-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 321111d262680fd5d78ebdc09262651adbc30b11313435349d5496459a5b4568 libkadm5-debuginfo-1.21.1-2.el9_4.5.i686.rpm SHA-256: 321111d262680fd5d78ebdc09262651adbc30b11313435349d5496459a5b4568 libkadm5-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 1e398e3cbeca98105023b04f5f76c35c1d98a2d03ae7620e540a7c9ea5337856 libkadm5-debuginfo-1.21.1-2.el9_4.5.x86_64.rpm SHA-256: 1e398e3cbeca98105023b04f5f76c35c1d98a2d03ae7620e540a7c9ea5337856 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 SRPM krb5-1.21.1-2.el9_4.5.src.rpm SHA-256: 380202fd2335a9d2c261264c014ec2d7a4194c2b7f8a9bdceb6a3ebb262902eb ppc64le krb5-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 2230e27db29d1d1a905c52d8f93f3e8a4e63924c0afc87b626b4d9f0a3065a30 krb5-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 2230e27db29d1d1a905c52d8f93f3e8a4e63924c0afc87b626b4d9f0a3065a30 krb5-debugsource-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 144a62a8389f48eb7522032a3bbf4e0961d750026dbea802c18576700d707b90 krb5-debugsource-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 144a62a8389f48eb7522032a3bbf4e0961d750026dbea802c18576700d707b90 krb5-devel-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 12f072b06f0a9cb57f0da81bc386053355452258c09db0eef84dff0ea8c182ca krb5-libs-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 23ec0d2b49b057f3fedb28292071495a755ac213c84b23cf01f1d07a3804b493 krb5-libs-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 4a5819e75c205c646944beff39cf88d66ba84307a04bb225a64862bff4db2534 krb5-libs-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 4a5819e75c205c646944beff39cf88d66ba84307a04bb225a64862bff4db2534 krb5-pkinit-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 1c7e5ae445931e3d3260358ddc0407d0fa490a17e885f3cdc07d2bf8cdc06a4c krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 0a98038953adb1b391830e80bf572512ffa5c9c564d57471058344bec4f90fac krb5-pkinit-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 0a98038953adb1b391830e80bf572512ffa5c9c564d57471058344bec4f90fac krb5-server-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: 3b81c30305c4ac5f3c0c8b2f28fc43d412036c7545d217eb335c52825b616446 krb5-server-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: a43a8be1e977bf716ebfafa48a5c18c433720147ab303a717fad8977151b4305 krb5-server-debuginfo-1.21.1-2.el9_4.5.ppc64le.rpm SHA-256: a43a8be1e977bf716ebfafa48a5c18c433720147ab303a717fad8977151b4305 krb5-server-