CVE-2026-40356
MediumCVSS 5.9Exploitation Probability (EPSS)
Low risk37th percentile - higher than 37% of all known CVEs
Summary
In MIT Kerberos 5 (krb5) before 1.22.3, an integer underflow and resultant out-of-bounds read occur if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
Risk Assessment
The risk is a remote denial of service (DoS) without authentication, potentially disrupting services relying on Kerberos.
Recommendation
Immediately upgrade MIT Kerberos 5 to version 1.22.3 or later, which fixes this vulnerability.
Original NVD description (English source)
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.

