CVE-2022-44640

CVE	CVE-2022-44640
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-12-25 05:15:00 UTC
Updated	2023-10-08 09:15:00 UTC
Description	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

Problem Types: NVD-CWE-Other

Type	Vendor	Product	Version	Update	Edition	Language
Application	Heimdal Project	Heimdal	All	All	All	All
Application	Samba	Samba	All	All	All	All

Reference	Source	Link	Tags
December 2022 Heimdal Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
Heimdal: Multiple Vulnerabilities (GLSA 202310-06) — Gentoo security	GENTOO	security.gentoo.org
Invalid free in ASN.1 codec · Advisory · heimdal/heimdal · GitHub	CONFIRM	github.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

181242 Debian Security Update for heimdal (DSA 5287-1)
181249 Debian Security Update for heimdal (DLA 3206-1)
184792 Debian Security Update for sambaheimdal (CVE-2022-44640)
199102 Ubuntu Security Notification for Heimdal Vulnerabilities (USN-5800-1)
283360 Fedora Security Update for heimdal (FEDORA-2022-dba9ba8e2b)
283361 Fedora Security Update for heimdal (FEDORA-2022-cbbd105d08)
283404 Fedora Security Update for heimdal (FEDORA-2022-2c77cee4b5)
502599 Alpine Linux Security Update for heimdal
502655 Alpine Linux Security Update for heimdal
503994 Alpine Linux Security Update for heimdal
710767 Gentoo Linux Heimdal Multiple Vulnerabilities (GLSA 202310-06)
904784 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (12116)
905333 Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (12116-1)