Search CVE reports


Toggle filters

1 – 10 of 23 results


CVE-2022-45142

Medium priority

Some fixes available 4 of 10

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1...

1 affected package

heimdal

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Needs evaluation Fixed Fixed Fixed
Show less packages

CVE-2021-44758

Medium priority

Some fixes available 4 of 10

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.

1 affected package

heimdal

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Vulnerable Fixed Fixed Fixed
Show less packages

CVE-2022-42898

Medium priority

Some fixes available 13 of 22

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which...

3 affected packages

heimdal, krb5, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Vulnerable Fixed Fixed Fixed
krb5 Not affected Fixed Fixed Fixed Fixed
samba Not affected Fixed Fixed Vulnerable Needs evaluation
Show less packages

CVE-2022-44640

Medium priority

Some fixes available 4 of 10

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Vulnerable Fixed Fixed Fixed
samba Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-41916

Medium priority

Some fixes available 4 of 10

Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit...

1 affected package

heimdal

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Vulnerable Fixed Fixed Fixed
Show less packages

CVE-2022-3437

Medium priority

Some fixes available 11 of 16

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited...

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected Vulnerable Fixed Fixed Fixed
samba Fixed Fixed Fixed Vulnerable Needs evaluation
Show less packages

CVE-2022-3116

Medium priority

Some fixes available 4 of 10

The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Vulnerable Vulnerable Fixed Fixed Fixed
samba Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-3671

Low priority

Some fixes available 14 of 18

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected Not affected Fixed Fixed Fixed
samba Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12098

Low priority

Some fixes available 3 of 5

In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.

1 affected package

heimdal

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected Not affected Fixed Fixed
Show less packages

CVE-2018-16860

Medium priority

Some fixes available 11 of 13

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this...

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected Not affected Fixed Fixed
samba Fixed Fixed Fixed Fixed
Show less packages