Headline
CVE-2022-41916: Read one byte past a buffer when normalizing Unicode
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal’s PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal’s libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.
Patched versions
7.7.1, 7.8
Description
Impact
This is a denial of service vulnerability in Heimdal’s PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal’s libhx509.
Patches
Users should upgrade to Heimdal 7.7.1 or 7.8.
For more information
If you have any questions or comments about this advisory:
- Open an issue in Heimdal
- Email us at [email protected]
Related news
Gentoo Linux Security Advisory 202310-6 - Multiple vulnerabilities have been discovered in Heimdal, the worst of which could lead to remote code execution on a KDC. Versions greater than or equal to 7.8.0-r1 are affected.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Debian Linux Security Advisory 5287-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.