CVE-2022-41916
Summary
| CVE | CVE-2022-41916 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-11-15 23:15:00 UTC |
|---|
| Updated | 2023-10-08 09:15:00 UTC |
|---|
| Description | Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| December 2022 Heimdal Vulnerabilities in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| Heimdal: Multiple Vulnerabilities (GLSA 202310-06) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| [SECURITY] [DLA 3206-1] heimdal security update |
MLIST |
lists.debian.org |
|
| Debian -- Security Information -- DSA-5287-1 heimdal |
DEBIAN |
www.debian.org |
|
| Read one byte past a buffer when normalizing Unicode · Advisory · heimdal/heimdal · GitHub |
CONFIRM |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181242 Debian Security Update for heimdal (DSA 5287-1)
- 181249 Debian Security Update for heimdal (DLA 3206-1)
- 182499 Debian Security Update for heimdal (CVE-2022-41916)
- 199067 Ubuntu Security Notification for Heimdal Vulnerability (USN-5766-1)
- 283360 Fedora Security Update for heimdal (FEDORA-2022-dba9ba8e2b)
- 283361 Fedora Security Update for heimdal (FEDORA-2022-cbbd105d08)
- 283404 Fedora Security Update for heimdal (FEDORA-2022-2c77cee4b5)
- 502599 Alpine Linux Security Update for heimdal
- 502655 Alpine Linux Security Update for heimdal
- 503994 Alpine Linux Security Update for heimdal
- 710767 Gentoo Linux Heimdal Multiple Vulnerabilities (GLSA 202310-06)
- 904510 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (11459)
- 904511 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (11457)
- 904780 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (11457-1)
- 905344 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (11459-1)
