CVE-2022-44640

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-44640
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44640.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-44640
Downstream
Related
Published
2022-12-25T05:15:11.103Z
Modified
2026-04-16T00:00:55.667337073Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

References

Affected packages

Git / github.com/heimdal/heimdal

Affected ranges

Type
GIT
Repo
https://github.com/heimdal/heimdal
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
78077c39e355766221383ee48c8b9be0459a82a4
Database specific 
{
    "cpe": "cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.7.1"
        }
    ]
}

Affected versions

Other
git2svn-syncpoint-master
switch-from-svn-to-git
heimdal-1.*
heimdal-1.3.0pre1
heimdal-1.3.0pre10
heimdal-1.3.0pre11
heimdal-1.3.0pre3
heimdal-1.3.0pre4
heimdal-1.3.0pre5
heimdal-1.3.0pre6
heimdal-1.3.0pre7
heimdal-1.3.0pre8
heimdal-1.3.0pre9
heimdal-1.3.0rc1
heimdal-1.5pre1
heimdal-1.5pre2
heimdal-7.*
heimdal-7.0.1
heimdal-7.0.2
heimdal-7.0.3
heimdal-7.1.0
heimdal-7.1rc1
heimdal-7.2.0
heimdal-7.3.0
heimdal-7.4.0
heimdal-7.5.0
heimdal-7.6.0
heimdal-7.7.0
upstream-1.*
upstream-1.4.0+git20101228.dfsg.1
upstream-1.4.0+git20110220.dfsg.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44640.json"
vanir_signatures_modified 
"2026-04-12T04:17:55Z"
vanir_signatures 
[
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "185684756605390238103334007784352789624",
                "7131579695216385856922531758292910060",
                "96067565823201056646313325968740529266",
                "307324062224806380958204996069287421659"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "include/bits.c"
        },
        "source": "https://github.com/heimdal/heimdal/commit/78077c39e355766221383ee48c8b9be0459a82a4",
        "signature_version": "v1",
        "id": "CVE-2022-44640-7e74d481"
    }
]

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events
Introduced
fc8342bd26d1c55ca5780b427f675f31147b27f9
Fixed
0c85a0adaa57df2541ec2d395d1f7cf936bc2e43
Introduced
e95d85f784ae6b19f2cb42cc9039b60b146e5b69
Fixed
6cc6e233b5ceb2a579400f020b61c67ca7bbeb78
Introduced
fbec737d9d3d992b54f52defcba62a304efef8f7
Fixed
ab48448c650c96095fa183c3531a3dd244983664
Database specific 
{
    "cpe": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "4.15.0"
        },
        {
            "fixed": "4.15.3"
        },
        {
            "introduced": "4.16.0"
        },
        {
            "fixed": "4.16.8"
        },
        {
            "introduced": "4.17.0"
        },
        {
            "fixed": "4.17.4"
        }
    ]
}

Affected versions

ldb-2.*
ldb-2.4.1
ldb-2.5.1
ldb-2.5.2
samba-4.*
samba-4.15.0
samba-4.15.1
samba-4.15.2
samba-4.16.0
samba-4.16.1
samba-4.16.2
samba-4.16.3
samba-4.16.4
samba-4.16.5
samba-4.17.0
samba-4.17.1
samba-4.17.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44640.json"