#VU69364 Buffer overflow in heimdal - CVE-2022-44640


Vulnerability identifier: #VU69364

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2022-44640

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
heimdal
Server applications / Encryption software

Vendor: Heimdal Software

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ASN.1 codec in Heimdal. The ASN.1 compiler generates code that allows specially crafted DER encodings of CHOICEs to invoke the wrong free function on the decoded structure upon decode error. This is known to impact the Heimdal KDC, leading to an invalid free() of an address partly or wholly under the control of the attacker. A remote attacker can execute arbitrary code on the system.


Mitigation
Install updates from vendor's website.

Vulnerable software versions

heimdal: 7.0.1 - 7.7.0

External links
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.7.1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell Avamar Data Store Gen5a
Multiple vulnetabilities in Dell EMC Integrated Data Protection Appliance
Multiple vulnerabilities in Dell PowerScale OneFS
Buffer overflow in Dell Precision Rack
Multiple vulnerabilities in VMware Tanzu Platform Automation Toolkit
Cloud Foundry Foundation cflinuxfs3 update for Heimdal
Ubuntu update for heimdal
openEuler update for samba
Debian update for heimdal
Fedora 36 update for heimdal