[Debian] CVE: CVE-2022-42898: krb5: integer overflows.

Bug #2002269 reported by Yue Tao
Affects    Status        Importance  Assigned to    Milestone
StarlingX  Fix Released  Critical    Zhixiong Chi

Bug Description

CVE-2022-42898: https://nvd.nist.gov/vuln/detail/CVE-2022-42898

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
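The overflow class described above, as an added illustration that is not krb5's code: the header sizes follow the public MS-PAC layout (an assumption taken from that specification, not from this report), the arithmetic is done in uint32_t to mimic a 32-bit size_t, and the hardened check bounds the buffer count by division before any multiplication so the product can never wrap.

```c
#include <stdbool.h>
#include <stdint.h>

/* Header sizes follow the public MS-PAC layout (assumption: taken from that
 * spec, not from this report, and this is not krb5's code). PACTYPE is
 * cBuffers (4 bytes) + Version (4 bytes); each PAC_INFO_BUFFER is 16 bytes. */
#define PACTYPE_LENGTH         8u
#define PAC_INFO_BUFFER_LENGTH 16u

static uint32_t load_32_le(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Vulnerable shape: header_len is computed in 32-bit arithmetic, which is what
 * a 32-bit size_t gives. A hostile cBuffers wraps the product, so a tiny
 * header_len passes the bounds check while later code still trusts cBuffers. */
bool pac_header_ok_unsafe(const uint8_t *buf, uint32_t len)
{
    if (len < PACTYPE_LENGTH)
        return false;
    uint32_t cbuffers = load_32_le(buf);
    uint32_t header_len = PACTYPE_LENGTH + cbuffers * PAC_INFO_BUFFER_LENGTH;
    return cbuffers >= 1 && header_len <= len;
}

/* Hardened shape: bound cBuffers by division before any multiplication, so
 * the product cannot wrap whatever the width of size_t. */
bool pac_header_ok_safe(const uint8_t *buf, uint32_t len)
{
    if (len < PACTYPE_LENGTH)
        return false;
    uint32_t cbuffers = load_32_le(buf);
    return cbuffers >= 1 &&
           cbuffers <= (len - PACTYPE_LENGTH) / PAC_INFO_BUFFER_LENGTH;
}

/* Builds a constructed PAC blob of `len` bytes (at most 64) whose cBuffers
 * field is `cbuffers`, and returns how many of the two checks accept it. */
int checks_accepting(uint32_t cbuffers, uint32_t len)
{
    uint8_t blob[64] = {0};
    if (len > sizeof blob)
        return -1;
    for (int i = 0; i < 4; i++)
        blob[i] = (uint8_t)(cbuffers >> (8 * i)); /* little-endian cBuffers */
    return (int)pac_header_ok_unsafe(blob, len) +
           (int)pac_header_ok_safe(blob, len);
}
```

With cBuffers = 0x10000001 in a 24-byte blob, 0x10000001 * 16 wraps to 16 in 32-bit arithmetic, so the unsafe check accepts the header and only the hardened check rejects it.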

Score:
cve_id          status  cvss3Score  av  ac  pr  ui  ai
CVE-2022-42898  fixed   8.8         N   L   N   N   H

References:
https://security-tracker.debian.org/tracker/CVE-2022-42898

Package updates (deb11u1 -> deb11u3):
libgssapi-krb5-2_1.18.3-6+deb11u1_amd64.deb -> libgssapi-krb5-2_1.18.3-6+deb11u3_amd64.deb
libk5crypto3_1.18.3-6+deb11u1_amd64.deb -> libk5crypto3_1.18.3-6+deb11u3_amd64.deb
libkrb5-3_1.18.3-6+deb11u1_amd64.deb -> libkrb5-3_1.18.3-6+deb11u3_amd64.deb
libkrb5support0_1.18.3-6+deb11u1_amd64.deb -> libkrb5support0_1.18.3-6+deb11u3_amd64.deb

Found during December 2022 CVE scan using vulscan

Yue Tao (wrytao)
Changed in starlingx:
assignee: nobody → Zhixiong Chi (zhixiongchi)
status: New → Triaged
importance: Undecided → Critical
information type: Public → Public Security
tags: added: stx.8.0 stx.security
Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote: Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/869624

OpenStack Infra (hudson-openstack) wrote: Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/869624
Committed: https://opendev.org/starlingx/tools/commit/42c8a8c473705ada2d813d771176babace8ca066
Submitter: "Zuul (22348)"
Branch: master

commit 42c8a8c473705ada2d813d771176babace8ca066
Author: Zhixiong Chi <email address hidden>
Date: Sun Jan 8 22:16:57 2023 -0800

    Debian: krb5: CVE-2022-42898

    Upgrade krb5 to 2_1.18.3-6+deb11u3 to fix CVE-2022-42898.
    libgssapi-krb5-2_1.18.3-6+deb11u3
    libk5crypto3_1.18.3-6+deb11u3
    libkrb5-3_1.18.3-6+deb11u3
    libkrb5support0_1.18.3-6+deb11u3

    Refer to:
    https://security-tracker.debian.org/tracker/DSA-5286-1

    TestPlan:
    PASS: downloader
    PASS: build-pkgs -a -c
    PASS: build-image
    PASS: Jenkins Installation.

    Closes-Bug: 2002269

    Signed-off-by: Zhixiong Chi <email address hidden>
    Change-Id: I53d5a8d02d4f9f2c9b9d70d61d660023c5abd954

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil) wrote:

This change caused a container build failure as reported by https://bugs.launchpad.net/starlingx/+bug/2003261 and was subsequently fixed by https://review.opendev.org/c/starlingx/tools/+/871082
