vulnerability
Ubuntu: (Multiple Advisories) (CVE-2022-3437): Heimdal vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Aug 2, 2022 | Jan 13, 2023 | Aug 18, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Aug 2, 2022
Added
Jan 13, 2023
Modified
Aug 18, 2025
Description
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
Solutions
ubuntu-pro-upgrade-libasn1-8-heimdalubuntu-pro-upgrade-libgssapi3-heimdalubuntu-pro-upgrade-libhdb9-heimdalubuntu-pro-upgrade-libhx509-5-heimdalubuntu-pro-upgrade-libkrb5-26-heimdalubuntu-pro-upgrade-samba
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.