Upstream information
CVE-2022-41916 at MITRE
Description
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
CVSS v3 Scores
| | National Vulnerability Database |
|---|
| Base Score | 5.9 |
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | High |
| CVSSv3 Version | 3.1 |
SUSE Bugzilla entry:
1205667 [RESOLVED / FIXED]
SUSE Security Advisories:
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|
| SUSE Package Hub 15 SP3 | libasn1-8 >= 7.8.0-bp153.2.4.1libgssapi3 >= 7.8.0-bp153.2.4.1libhcrypto4 >= 7.8.0-bp153.2.4.1libhdb9 >= 7.8.0-bp153.2.4.1libheimbase1 >= 7.8.0-bp153.2.4.1libheimdal-devel >= 7.8.0-bp153.2.4.1libheimedit0 >= 7.8.0-bp153.2.4.1libheimntlm0 >= 7.8.0-bp153.2.4.1libhx509-5 >= 7.8.0-bp153.2.4.1libkadm5clnt7 >= 7.8.0-bp153.2.4.1libkadm5srv8 >= 7.8.0-bp153.2.4.1libkafs0 >= 7.8.0-bp153.2.4.1libkdc2 >= 7.8.0-bp153.2.4.1libkrb5-26 >= 7.8.0-bp153.2.4.1libotp0 >= 7.8.0-bp153.2.4.1libroken18 >= 7.8.0-bp153.2.4.1libsl0 >= 7.8.0-bp153.2.4.1libwind0 >= 7.8.0-bp153.2.4.1
| Patchnames:
openSUSE-2023-20 |
| SUSE Package Hub 15 SP4 | libasn1-8 >= 7.8.0-bp154.2.4.1libgssapi3 >= 7.8.0-bp154.2.4.1libhcrypto4 >= 7.8.0-bp154.2.4.1libhdb9 >= 7.8.0-bp154.2.4.1libheimbase1 >= 7.8.0-bp154.2.4.1libheimdal-devel >= 7.8.0-bp154.2.4.1libheimedit0 >= 7.8.0-bp154.2.4.1libheimntlm0 >= 7.8.0-bp154.2.4.1libhx509-5 >= 7.8.0-bp154.2.4.1libkadm5clnt7 >= 7.8.0-bp154.2.4.1libkadm5srv8 >= 7.8.0-bp154.2.4.1libkafs0 >= 7.8.0-bp154.2.4.1libkdc2 >= 7.8.0-bp154.2.4.1libkrb5-26 >= 7.8.0-bp154.2.4.1libotp0 >= 7.8.0-bp154.2.4.1libroken18 >= 7.8.0-bp154.2.4.1libsl0 >= 7.8.0-bp154.2.4.1libwind0 >= 7.8.0-bp154.2.4.1
| Patchnames:
openSUSE-2023-19 |
| openSUSE Leap 15.3 | libasn1-8 >= 7.8.0-bp153.2.4.1libgssapi3 >= 7.8.0-bp153.2.4.1libhcrypto4 >= 7.8.0-bp153.2.4.1libhdb9 >= 7.8.0-bp153.2.4.1libheimbase1 >= 7.8.0-bp153.2.4.1libheimdal-devel >= 7.8.0-bp153.2.4.1libheimedit0 >= 7.8.0-bp153.2.4.1libheimntlm0 >= 7.8.0-bp153.2.4.1libhx509-5 >= 7.8.0-bp153.2.4.1libkadm5clnt7 >= 7.8.0-bp153.2.4.1libkadm5srv8 >= 7.8.0-bp153.2.4.1libkafs0 >= 7.8.0-bp153.2.4.1libkdc2 >= 7.8.0-bp153.2.4.1libkrb5-26 >= 7.8.0-bp153.2.4.1libotp0 >= 7.8.0-bp153.2.4.1libroken18 >= 7.8.0-bp153.2.4.1libsl0 >= 7.8.0-bp153.2.4.1libwind0 >= 7.8.0-bp153.2.4.1
| Patchnames:
openSUSE-2023-20 |
| openSUSE Leap 15.4 | libasn1-8 >= 7.8.0-bp154.2.4.1libgssapi3 >= 7.8.0-bp154.2.4.1libhcrypto4 >= 7.8.0-bp154.2.4.1libhdb9 >= 7.8.0-bp154.2.4.1libheimbase1 >= 7.8.0-bp154.2.4.1libheimdal-devel >= 7.8.0-bp154.2.4.1libheimedit0 >= 7.8.0-bp154.2.4.1libheimntlm0 >= 7.8.0-bp154.2.4.1libhx509-5 >= 7.8.0-bp154.2.4.1libkadm5clnt7 >= 7.8.0-bp154.2.4.1libkadm5srv8 >= 7.8.0-bp154.2.4.1libkafs0 >= 7.8.0-bp154.2.4.1libkdc2 >= 7.8.0-bp154.2.4.1libkrb5-26 >= 7.8.0-bp154.2.4.1libotp0 >= 7.8.0-bp154.2.4.1libroken18 >= 7.8.0-bp154.2.4.1libsl0 >= 7.8.0-bp154.2.4.1libwind0 >= 7.8.0-bp154.2.4.1
| Patchnames:
openSUSE-2023-19 |
| openSUSE Tumbleweed | libasn1-8 >= 7.8.0-1.1libgssapi3 >= 7.8.0-1.1libhcrypto4 >= 7.8.0-1.1libhdb9 >= 7.8.0-1.1libheimbase1 >= 7.8.0-1.1libheimdal-devel >= 7.8.0-1.1libheimedit0 >= 7.8.0-1.1libheimntlm0 >= 7.8.0-1.1libhx509-5 >= 7.8.0-1.1libkadm5clnt7 >= 7.8.0-1.1libkadm5srv8 >= 7.8.0-1.1libkafs0 >= 7.8.0-1.1libkdc2 >= 7.8.0-1.1libkrb5-26 >= 7.8.0-1.1libotp0 >= 7.8.0-1.1libroken18 >= 7.8.0-1.1libsl0 >= 7.8.0-1.1libwind0 >= 7.8.0-1.1
| Patchnames:
openSUSE-Tumbleweed-2024-12580 |
SUSE Timeline for this CVE
CVE page created: Wed Nov 16 07:00:10 2022
CVE page last modified: Tue Sep 3 19:26:35 2024
