Discover Government News

=========================================================================Ubuntu Security Notice USN-5766-1
December 07, 2022

heimdal vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Heimdal could be made to crash if it received specially crafted
network traffic.

Software Description:
- heimdal: Heimdal Kerberos Network Authentication Protocol

Details:

It was discovered that Heimdal did not properly manage memory when
normalizing Unicode. An attacker could possibly use this issue to
cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   libwind0-heimdal                7.7.0+dfsg-1ubuntu1.2

Ubuntu 18.04 LTS:
   libwind0-heimdal                7.5.0+dfsg-1ubuntu0.2

Ubuntu 16.04 ESM:
   libwind0-heimdal                1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm2

Ubuntu 14.04 ESM:
   libwind0-heimdal                1.6~git20131207+dfsg-1ubuntu1.2+esm2

After a standard system update you need to restart any application
using Heimdal libraries to make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5766-1
   CVE-2022-41916

Package Information:
   https://launchpad.net/ubuntu/+source/heimdal/7.7.0+dfsg-1ubuntu1.2
   https://launchpad.net/ubuntu/+source/heimdal/7.5.0+dfsg-1ubuntu0.2

Ubuntu 5766-1: Heimdal vulnerability

December 7, 2022
Heimdal could be made to crash if it received specially crafted network traffic.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: libwind0-heimdal 7.7.0+dfsg-1ubuntu1.2 Ubuntu 18.04 LTS: libwind0-heimdal 7.5.0+dfsg-1ubuntu0.2 Ubuntu 16.04 ESM: libwind0-heimdal 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm2 Ubuntu 14.04 ESM: libwind0-heimdal 1.6~git20131207+dfsg-1ubuntu1.2+esm2 After a standard system update you need to restart any application using Heimdal libraries to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5766-1

CVE-2022-41916

Severity
December 07, 2022

Package Information

https://launchpad.net/ubuntu/+source/heimdal/7.7.0+dfsg-1ubuntu1.2 https://launchpad.net/ubuntu/+source/heimdal/7.5.0+dfsg-1ubuntu0.2

Related News