What is CVE-2022-3116?

CVE-2022-3116 is a vulnerability in the Heimdal Software Kerberos 5 implementation that allows an attacker with network access to crash an application that depends on the vulnerable code path.

How can an attacker exploit CVE-2022-3116?

An attacker with network access to an application that depends on the vulnerable code path can exploit CVE-2022-3116 to cause the application to crash.

Which software versions are affected by CVE-2022-3116?

The Heimdal Software versions 7.5.0+dfsg-1ubuntu0.1, 7.7.0+dfsg-1ubuntu1.1, 1.6~, and 1.7~ are affected by CVE-2022-3116.

How can I fix CVE-2022-3116 on Ubuntu?

To fix CVE-2022-3116 on Ubuntu, you need to update the Heimdal package to version 7.5.0+dfsg-1ubuntu0.1 (for bionic) or 7.7.0+dfsg-1ubuntu1.1 (for focal).

How can I fix CVE-2022-3116 on Debian?

To fix CVE-2022-3116 on Debian, you need to update the Heimdal package to a version that includes the fixes for this vulnerability.

Vulnerability/
CVE-2022-3116

high

7.5

CWE

476

27/3/2023

3/8/2024

CVE-2022-3116: Null Pointer Dereference

First published: Mon Mar 27 2023(Updated: )

Last updated 24 July 2024

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Heimdal Project Heimdal	<=7.7.0
debian/heimdal		7.7.0+dfsg-2+deb11u3 7.8.git20221117.28daf24+dfsg-2 7.8.git20221117.28daf24+dfsg-8

Remedy

https://github.com/heimdal/heimdal/commit/7a19658c1f4fc4adf85bb7bea96caae5ba57b33e

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-3116?
CVE-2022-3116 is a vulnerability in the Heimdal Software Kerberos 5 implementation that allows an attacker with network access to crash an application that depends on the vulnerable code path.
How can an attacker exploit CVE-2022-3116?
An attacker with network access to an application that depends on the vulnerable code path can exploit CVE-2022-3116 to cause the application to crash.
Which software versions are affected by CVE-2022-3116?
The Heimdal Software versions 7.5.0+dfsg-1ubuntu0.1, 7.7.0+dfsg-1ubuntu1.1, 1.6~, and 1.7~ are affected by CVE-2022-3116.
How can I fix CVE-2022-3116 on Ubuntu?
To fix CVE-2022-3116 on Ubuntu, you need to update the Heimdal package to version 7.5.0+dfsg-1ubuntu0.1 (for bionic) or 7.7.0+dfsg-1ubuntu1.1 (for focal).
How can I fix CVE-2022-3116 on Debian?
To fix CVE-2022-3116 on Debian, you need to update the Heimdal package to a version that includes the fixes for this vulnerability.

collector/nvd-index
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/author
agent/weakness
agent/remedy
agent/severity
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/description
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/event
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/heimdal project
canonical/heimdal project heimdal
version/heimdal project heimdal/7.7.0
package-manager/debian

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.