CVE-2022-44640 affects the version of heimdal on ubuntu 22.04 - could it be updated?
Bug #2054916 reported by Dag Hovland
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
heimdal (Ubuntu) | Fix Released | Undecided | Unassigned |
Focal | Fix Released | Undecided | Unassigned |
Jammy | Triaged | Undecided | Unassigned |
Bug Description
I am running Ubuntu 22.04. The version of heimdal installed (7.7.0) is vulnerable to CVE-2022-44640, which is categorised as critical by some (CrowdStrike Falcon at least). Is it possible to upgrade it to some non-vulnerable version?
CVE References: CVE-2022-44640

Changed in heimdal (Ubuntu Focal): status: New → Fix Released
Changed in heimdal (Ubuntu Jammy): status: New → Triaged
Changed in heimdal (Ubuntu): status: Triaged → Fix Released
In Debian, this was fixed in 7.7.0+dfsg-2+deb11u1 in bullseye(-security) - i.e., 7.7.0+dfsg-2 was still affected.
7.7.0+dfsg-3 includes a fix for a different CVE:

  heimdal (7.7.0+dfsg-3) unstable; urgency=high

    * Fix CVE-2021-3671: A null pointer de-reference was found in the way
      samba kerberos server handled missing sname in TGS-REQ. Closes: #996586.
    * Fix autoconf 2.7 issues
In focal, this was fixed in 7.7.0+dfsg-1ubuntu1.3 on Wed, 11 Jan 2023:

    * SECURITY UPDATE: invalid free
      - debian/patches/CVE-2022-44640.patch: relocates a call to fprintf and
        parameters when calling it in decode_type() in lib/asn1/gen_decode.c
        and add a call to fprintf in free_type() in lib/asn1/gen_free.c.
      - CVE-2022-44640
In jammy, we have 7.7.0+dfsg-3ubuntu1. As mentioned above, 7.7.0+dfsg-3 does not include the fix for the mentioned CVE. Moreover, our delta in this release is just the former delta being carried by the merge:

  heimdal (7.7.0+dfsg-3ubuntu1) jammy; urgency=medium

    * Merge with Debian unstable (LP: #1946860). Remaining changes:
      - Disable lto, to regain dep on roken, otherwise dependencies on amd64
        are different to i386 resulting in different files on amd64 and
        i386. LP #1934936
      - Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226
        (LP #1945787)
Therefore, this does seem to still be affected by the CVE, as reported.
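The comment above turns on a point that trips up vulnerability scanners and admins alike: the jammy package 7.7.0+dfsg-3ubuntu1 sorts *above* the fixed bullseye package 7.7.0+dfsg-2+deb11u1 in dpkg version order, yet it does not contain the fix, because security fixes land per release branch. The following added example (not part of this bug page or of the heimdal/Ubuntu packaging) reimplements the dpkg version-ordering algorithm in plain Python, so it runs without dpkg, and contrasts a naive "installed >= some fixed version" check with the correct per-suite lookup. The fixed versions in the table are the ones named in the comment; jammy is recorded as having no fix because its task is still Triaged on this page.

```python
"""dpkg version ordering vs. per-suite fix status for CVE-2022-44640.

Added example, not from the Launchpad page. FIXED_IN holds the versions the
bug comment names; jammy is None because the page shows no jammy fix (Triaged).
"""
import re

FIXED_IN = {
    "bullseye": "7.7.0+dfsg-2+deb11u1",
    "focal": "7.7.0+dfsg-1ubuntu1.3",
    "jammy": None,  # no fixed version on the page
}


def _char_order(c):
    """dpkg ordering of a non-digit character: '~' sorts before everything,
    including end of string; letters sort before other symbols."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_nondigit(a, b):
    # End of string counts as order 0, so "1.0~rc1" < "1.0" < "1.0a".
    for i in range(max(len(a), len(b))):
        oa = _char_order(a[i]) if i < len(a) else 0
        ob = _char_order(b[i]) if i < len(b) else 0
        if oa != ob:
            return -1 if oa < ob else 1
    return 0


def _cmp_segment(a, b):
    """dpkg verrevcmp(): alternate non-digit runs (lexical, using the order
    above) and digit runs (numeric) until one side wins."""
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        r = _cmp_nondigit(na, nb)
        if r:
            return r
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        ia, ib = int(da or 0), int(db or 0)
        if ia != ib:
            return -1 if ia < ib else 1
    return 0


def split_version(v):
    """Split 'epoch:upstream-revision' per dpkg rules: the epoch defaults
    to 0 and the revision is whatever follows the last hyphen."""
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1, ordering a against b as dpkg --compare-versions does."""
    ea, ua, ra = split_version(a)
    eb, ub, rb = split_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_segment(ua, ub) or _cmp_segment(ra, rb)


def naive_is_fixed(installed):
    """The tempting but wrong test: 'fixed' if the installed version sorts at
    or above ANY known fixed version, ignoring which suite it came from."""
    return any(compare_versions(installed, f) >= 0
               for f in FIXED_IN.values() if f is not None)


def is_fixed(suite, installed):
    """The correct test: compare only against the fixed version of the same
    suite; a suite with no fix is vulnerable whatever its version number."""
    fixed = FIXED_IN.get(suite)
    return fixed is not None and compare_versions(installed, fixed) >= 0


if __name__ == "__main__":
    jammy = "7.7.0+dfsg-3ubuntu1"
    print("naive check:    ", naive_is_fixed(jammy))      # True, but wrong
    print("per-suite check:", is_fixed("jammy", jammy))   # False, correct
```

On a real host the installed version comes from `dpkg-query -W -f='${Version}' <package>` and the suite from `/etc/os-release`; the point of the example is that the suite has to be part of the lookup, since a higher-sorting version from a different branch says nothing about whether a given security patch is present.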