#VU69362 Out-of-bounds read in heimdal - CVE-2022-41916


Vulnerability identifier: #VU69362

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-41916

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
heimdal
Server applications / Encryption software

Vendor: Heimdal Software

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in Heimdal's PKI certificate validation library. A remote attacker can pass a specially crafted certificate to the affected application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

The vulnerability affects KDC (via PKINIT), kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

heimdal: 0.5 - 7.7.0

External links
https://github.com/heimdal/heimdal/security/advisories/GHSA-mgqr-gvh6-23cx
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.7.1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


VMware Tanzu products update for Heimdal
Ubuntu update for heimdal
Debian update for heimdal
Fedora 36 update for heimdal
Fedora 35 update for heimdal
Fedora 37 update for heimdal
Fedora EPEL 7 update for heimdal
Fedora EPEL 8 update for heimdal
Fedora 35 update for heimdal
Fedora 36 update for heimdal