Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.6110 heimdal security update 23 November 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: heimdal Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-44640 CVE-2022-42898 CVE-2022-41916 CVE-2022-3437 CVE-2021-44758 CVE-2021-3671 Original Bulletin: https://lists.debian.org/debian-security-announce/2022/msg00258.html Comment: CVSS (Max): 7.5* CVE-2022-41916 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * Not all CVSS available when published - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-5287-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 22, 2022 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : heimdal CVE ID : CVE-2021-3671 CVE-2021-44758 CVE-2022-3437 CVE-2022-41916 CVE-2022-42898 CVE-2022-44640 Debian Bug : 996586 Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. CVE-2021-3671 Joseph Sutton discovered that the Heimdal KDC does not validate that the server name in the TGS-REQ is present before dereferencing, which may result in denial of service. CVE-2021-44758 It was discovered that Heimdal is prone to a NULL dereference in acceptors where an initial SPNEGO token that has no acceptable mechanisms, which may result in denial of service for a server application that uses SPNEGO. CVE-2022-3437 Several buffer overflow flaws and non-constant time leaks were discovered when using 1DES, 3DES or RC4 (arcfour). CVE-2022-41916 An out-of-bounds memory access was discovered when Heimdal normalizes Unicode, which may result in denial of service. CVE-2022-42898 It was discovered that integer overflows in PAC parsing may result in denial of service for Heimdal KDCs or possibly Heimdal servers. CVE-2022-44640 It was discovered that the Heimdal's ASN.1 compiler generates code that allows specially crafted DER encodings to invoke an invalid free on the decoded structure upon decode error, which may result in remote code execution in the Heimdal KDC. For the stable distribution (bullseye), these problems have been fixed in version 7.7.0+dfsg-2+deb11u2. We recommend that you upgrade your heimdal packages. For the detailed security status of heimdal please refer to its security tracker page at: https://security-tracker.debian.org/tracker/heimdal Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmN9JvNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Soow//ePJ2Ls8Zoz3IZebkzebVDGYdofReuaVNOxb4yWBVAMi5B2LDYAdsusPJ mih1urmiVUEAoHlCXUUM57dx+Mm+HGOoNcI3ancDuFZIXv3PKGaJK9Tj1QRztZcg dgpWLTxTZKd62xEFsNcuaU4JMQ0dI8WXZHNEM4P7sqwcfBJyaZycoa3lJr0CUZp9 k68IwLEkzX0wgbiYub3himSkCdzMWOAnBuIFGQa6kbnvuwyM04wLi4es8uKTyF5j HFHrbf7eK2bxwizgimMCuM0DfTdaYUbgbLPSRh2P71grJty9EmO3GNaWDryYLXVf oO1klPk5hwmCHZJC3xAX1XATn+bM1ESF2diK95SXE8BmrhFgb4tWQaHWidszVkYO DOo6w+WCvdlHURTg8Az/f2KJWObp6W6+x27owxU38mddagYb0Vepu3dk90IoYzKP 4fy+wQ0eSBqlkBnvTlBjybwK6Jko3EibpusZoNaiJKRof5dTCLd+43GIaAPirU6u yV8x0tZR9ED18altczvzTT0hYFaF2Z4/0vhn4KB2OCCax6ii61GJzIIbkeGm+Blk ZghclzIzHfKBukBBaRSIB+OhO/1rvC7aKRHq24qx7eakUSL/jN7P/V2G56X+Ij4+ ssK/ffgb6NQw6nXu8364mt+qTqbDN0kQ/7nJbpk3tkpJXLEJf1o= =ddFe - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY316VskNZI30y1K9AQjJaQ//VJYbhMemascUSSzbdMaDYg5eWNyiw46b OOAd9V/jzvL4WPDEnkW+6ohDhgzusi18WwWG4feURTDcqQ2QrUMRgy0kKUr0saoB GSF88Yr8i7wurzeuEBnVLxvY20TsGNLAEkvDC49n24kBYYIO7bCKMcZm+IW9m/rE /VhA5UINWWjTxv3VCQF/x4qgfaBH+L/x1AROU8wqmlZKakp+luNOuG/xzegysIjQ 6VBfQsVibPG4/K3pdQ+g6/d0ViL+NTsJpe1FPG8XC7FsHo9b7LlWX7osJOY+oK3w krHs7qsYaSmMLki6SNHs5XJW1pvGr8d2g25cmpWNPpbtRchRpnCeDtpXTWiRCrTP 43rkCKLrxdWGYqFstY2YTgivJvJfvau4EtHq75wSfc78xiIa8U5CAFZkS8ne+f2u oV/IWwtPP6iQiFdmW4YoM4BRrKj6EbXxE5LZtl7QjGgXfz0U4sBDrmgyYwRgNaYQ aAcMCOENvZr4FO+AIn4d8saUPZDSwtdQkhApWZb+JLnJ/wJkJlpvIVbzgw4nzeTj ZAS7qw9W85Te8uXHR4yQqCT7t40sqAgRhwoFqrsqVxyRG5wNfTiZES1dwSIECP30 fPRfn/lYRPFeVbFA/u/68DI244fXNNxM02a63c8+0yMS0sL40UTlT+QH0bVGn7sL aHq+r9hUcns= =05ys -----END PGP SIGNATURE-----