Debian: DSA-5287-1 Urgent Heimdal Denial Of Service Vulnerability

Distribution: debian
Date: November 22, 2022
Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.

Summary

CVE-2021-3671

Joseph Sutton discovered that the Heimdal KDC does not validate that
the server name in the TGS-REQ is present before dereferencing,
which may result in denial of service.

CVE-2021-44758

It was discovered that Heimdal is prone to a NULL dereference in
acceptors when an initial SPNEGO token has no acceptable
mechanisms, which may result in denial of service for a server
application that uses SPNEGO.

CVE-2022-3437

Several buffer overflow flaws and non-constant time leaks were
discovered when using 1DES, 3DES or RC4 (arcfour).

CVE-2022-41916

An out-of-bounds memory access was discovered when Heimdal
normalizes Unicode, which may result in denial of service.

CVE-2022-42898

It was discovered that integer overflows in PAC parsing may result
in denial of service for Heimdal KDCs or possibly Heimdal servers.

CVE-2022-44640

It was discovered that Heimdal's ASN.1 compiler generates code
that allows specially crafted DER encodings...

Severity: critical

Package: heimdal
CVE ID: CVE-2021-3671 CVE-2021-44758 CVE-2022-3437 CVE-2022-41916
