CVE-2022-42898: Integer Overflow
First published: Sun Dec 25 2022(Updated: )
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MIT Kerberos 5 | >=1.8<1.19.4 | |
| MIT Kerberos 5 | =1.20 | |
| MIT Kerberos 5 | =1.20-beta1 | |
| Heimdal Project Heimdal | <7.7.1 | |
| Samba Samba | <4.15.12 | |
| Samba Samba | >=4.16.0<4.16.7 | |
| Samba Samba | >=4.17.0<4.17.3 | |
| debian/heimdal | <=7.5.0+dfsg-3 | 7.5.0+dfsg-3+deb10u2 7.7.0+dfsg-2+deb11u3 7.8.git20221117.28daf24+dfsg-2 7.8.git20221117.28daf24+dfsg-3 |
| debian/krb5 | <=1.17-3+deb10u4 | 1.17-3+deb10u6 1.18.3-6+deb11u4 1.18.3-6+deb11u3 1.20.1-2+deb12u1 1.20.1-5 |
| debian/samba | <=2:4.9.5+dfsg-5+deb10u3<=2:4.9.5+dfsg-5+deb10u4<=2:4.13.13+dfsg-1~deb11u5 | 2:4.17.12+dfsg-0+deb12u1 2:4.19.3+dfsg-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.samba.org/show_bug.cgi?id=15203
- https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
- https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
- https://security.gentoo.org/glsa/202309-06
- https://security.gentoo.org/glsa/202310-06
- https://security.netapp.com/advisory/ntap-20230216-0008/
- https://security.netapp.com/advisory/ntap-20230223-0001/
- https://web.mit.edu/kerberos/advisories/
- https://web.mit.edu/kerberos/krb5-1.19/
- https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
- https://www.samba.org/samba/security/CVE-2022-42898.html
- https://github.com/krb5/krb5/commit/b99de751dd35360c0fccac74a40f4a60dbf1ceea
- https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4
- https://github.com/heimdal/heimdal/commit/0c56257bdac80da015878fffdb0f8a42b8d73246
- https://github.com/heimdal/heimdal/pull/1025
- https://bugzilla.samba.org/show_bug.cgi?id=15243
- https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2003867
- https://security-tracker.debian.org/tracker/CVE-2022-42898
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID of this security issue is CVE-2022-42898.
What is the severity rating of CVE-2022-42898?
CVE-2022-42898 has a severity rating of 8.8 (High).
Which software versions are affected by CVE-2022-42898?
MIT Kerberos 5 versions before 1.19.4 and 1.20.x before 1.20.1 are affected.
How can CVE-2022-42898 lead to remote code execution?
CVE-2022-42898 can lead to remote code execution due to integer overflows in PAC parsing.
Where can I find more information about CVE-2022-42898?
You can find more information about CVE-2022-42898 in the references provided: [link1] [link2] [link3].
- collector/nvd-api
- collector/nvd-index
- collector/security-tracker-debian
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/event
- agent/references
- agent/type
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- vendor/mit
- canonical/mit kerberos 5
- version/mit kerberos 5/1.8
- version/mit kerberos 5/1.20
- version/mit kerberos 5/1.20-beta1
- vendor/heimdal project
- canonical/heimdal project heimdal
- vendor/samba
- canonical/samba samba
- version/samba samba/4.16.0
- version/samba samba/4.17.0
- package-manager/debian