CVE-2022-44640

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-44640
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44640.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-44640
Aliases
  • GHSA-88pm-hfmq-7vv4
Related
Published
2022-12-25T05:15:11Z
Modified
2024-12-05T15:37:56.475896Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

References

Affected packages

Alpine:v3.14 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4

Alpine:v3.15 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.16 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.17 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.18 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.19 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.20 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Alpine:v3.21 / heimdal

Package

Name
heimdal
Purl
pkg:apk/alpine/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.1-r0

Affected versions

1.*

1.2.1-r0
1.2.1-r1
1.2.1-r2
1.2.1-r3
1.2.1-r4
1.3.1-r0
1.3.1-r1
1.3.1-r2
1.3.1-r3
1.3.1-r4
1.3.1-r5
1.3.3-r0
1.4-r0
1.4-r1
1.4-r2
1.4-r3
1.4-r4
1.4-r5
1.4-r6
1.4-r7
1.4-r8
1.4-r9
1.4-r10
1.4-r11
1.5-r2
1.5.2-r3
1.5.2-r4
1.5.2-r5
1.5.2-r6
1.5.2-r7
1.5.2-r8
1.5.3-r0
1.5.3-r1
1.6_rc2-r1
1.6_rc2-r2
1.6_rc2-r3
1.6_rc2-r4
1.6_rc2-r5

7.*

7.1.0-r0
7.1.0-r1
7.4.0-r0
7.4.0-r1
7.4.0-r2
7.5.0-r0
7.5.0-r1
7.5.0-r2
7.5.0-r3
7.5.0-r4
7.7.0-r0
7.7.0-r1
7.7.0-r2
7.7.0-r3
7.7.0-r4
7.7.0-r5
7.7.0-r6
7.7.0-r7
7.7.0-r8

Debian:11 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.7.0+dfsg-2+deb11u2

Affected versions

7.*

7.7.0+dfsg-2
7.7.0+dfsg-2+deb11u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.8.git20221115.a6cf945+dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.8.git20221115.a6cf945+dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2:4.*

2:4.13.5+dfsg-2
2:4.13.13+dfsg-1~deb11u1
2:4.13.13+dfsg-1~deb11u2
2:4.13.13+dfsg-1~deb11u3
2:4.13.13+dfsg-1~deb11u4
2:4.13.13+dfsg-1~deb11u5
2:4.13.13+dfsg-1~deb11u6
2:4.13.13+dfsg-1
2:4.13.14+dfsg-1
2:4.16.0+dfsg-1
2:4.16.0+dfsg-2
2:4.16.0+dfsg-3
2:4.16.0+dfsg-4
2:4.16.0+dfsg-5
2:4.16.0+dfsg-6
2:4.16.0+dfsg-7
2:4.16.0+dfsg-7+hurd.1
2:4.16.1+dfsg-1
2:4.16.1+dfsg-2
2:4.16.1+dfsg-3~bpo11+1
2:4.16.1+dfsg-3~bpo11+2
2:4.16.1+dfsg-3~bpo11+3
2:4.16.1+dfsg-3
2:4.16.1+dfsg-4~bpo11+1
2:4.16.1+dfsg-4
2:4.16.1+dfsg-5
2:4.16.1+dfsg-6
2:4.16.1+dfsg-6+x32
2:4.16.1+dfsg-7
2:4.16.1+dfsg-8~bpo11+1
2:4.16.1+dfsg-8
2:4.16.2+dfsg-1
2:4.16.3+dfsg-1
2:4.16.4+dfsg-1
2:4.16.4+dfsg-2~bpo11+1
2:4.16.4+dfsg-2
2:4.16.4+dfsg-2+hurd.1
2:4.16.5+dfsg-1~bpo11+1
2:4.16.5+dfsg-1
2:4.16.5+dfsg-2
2:4.16.6+dfsg-1
2:4.16.6+dfsg-2
2:4.16.6+dfsg-3
2:4.16.6+dfsg-4
2:4.16.6+dfsg-5~bpo11+1
2:4.16.6+dfsg-5
2:4.16.6+dfsg-6
2:4.17.0+dfsg-1
2:4.17.0+dfsg-1+ports
2:4.17.0+dfsg-2
2:4.17.1+dfsg-1
2:4.17.2+dfsg-1
2:4.17.2+dfsg-2
2:4.17.2+dfsg-3
2:4.17.2+dfsg-4
2:4.17.2+dfsg-5
2:4.17.2+dfsg-6
2:4.17.2+dfsg-7
2:4.17.2+dfsg-8
2:4.17.2+dfsg-8+hurd.1
2:4.17.2+dfsg-9
2:4.17.3+dfsg-1~bpo11+1
2:4.17.3+dfsg-1
2:4.17.3+dfsg-2~bpo11+1
2:4.17.3+dfsg-2
2:4.17.3+dfsg-3~bpo11+1
2:4.17.3+dfsg-3
2:4.17.3+dfsg-4
2:4.17.4+dfsg-1
2:4.17.4+dfsg-2~bpo11+1
2:4.17.4+dfsg-2
2:4.17.4+dfsg-3~bpo11+1
2:4.17.4+dfsg-3
2:4.17.5+dfsg-1~bpo11+1
2:4.17.5+dfsg-1
2:4.17.5+dfsg-2
2:4.17.6+dfsg-1~bpo11+1
2:4.17.6+dfsg-1
2:4.17.7+dfsg-1~bpo11+1
2:4.17.7+dfsg-1
2:4.17.8+dfsg-1~bpo11+1
2:4.17.8+dfsg-1
2:4.17.8+dfsg-2
2:4.17.8+dfsg-2.1
2:4.18.0~rc1+dfsg-1exp
2:4.18.0~rc2+dfsg-1
2:4.18.0~rc3+dfsg-1
2:4.18.0~rc4+dfsg-1
2:4.18.0+dfsg-1~exp1
2:4.18.1+dfsg-1~exp1
2:4.18.2+dfsg-1
2:4.18.3+dfsg-1
2:4.18.3+dfsg-2
2:4.18.3+dfsg-3
2:4.18.4+dfsg-1
2:4.18.4+dfsg-2~bpo12+1
2:4.18.4+dfsg-2
2:4.18.5+dfsg-1
2:4.18.5+dfsg-2~bpo12+1
2:4.18.5+dfsg-2
2:4.18.6+dfsg-1~bpo12+1
2:4.18.6+dfsg-1
2:4.18.8+dfsg-1~bpo12+1
2:4.19.0~rc1+dfsg-1
2:4.19.0~rc1+dfsg-2
2:4.19.0~rc1+dfsg-3
2:4.19.0~rc2+dfsg-1
2:4.19.0~rc4+dfsg-1
2:4.19.0~rc4+dfsg-2
2:4.19.0+dfsg-1
2:4.19.1+dfsg-1
2:4.19.1+dfsg-2
2:4.19.1+dfsg-3
2:4.19.1+dfsg-4
2:4.19.2+dfsg-1
2:4.19.3+dfsg-1~bpo12+1
2:4.19.3+dfsg-1
2:4.19.3+dfsg-2
2:4.19.4+dfsg-1
2:4.19.4+dfsg-2~bpo12+1
2:4.19.4+dfsg-2
2:4.19.4+dfsg-3~bpo12+1
2:4.19.4+dfsg-3
2:4.19.5+dfsg-1
2:4.19.5+dfsg-2
2:4.19.5+dfsg-3
2:4.19.5+dfsg-4~bpo12+1
2:4.19.5+dfsg-4
2:4.19.5+dfsg-5
2:4.19.6+dfsg-1
2:4.19.6+dfsg-2
2:4.19.6+dfsg-3~bpo12+1
2:4.19.6+dfsg-3
2:4.20.0~rc1+dfsg-1
2:4.20.0~rc2+dfsg-1
2:4.20.0~rc2+dfsg-2
2:4.20.0~rc2+dfsg-3
2:4.20.0+dfsg-1~exp1
2:4.20.0+dfsg-1~exp2
2:4.20.1+dfsg-1
2:4.20.1+dfsg-2
2:4.20.1+dfsg-3
2:4.20.1+dfsg-4~bpo12+1
2:4.20.1+dfsg-4
2:4.20.1+dfsg-5
2:4.20.2+dfsg-1
2:4.20.2+dfsg-2~bpo12+1
2:4.20.2+dfsg-2~bpo12+2
2:4.20.2+dfsg-2
2:4.20.2+dfsg-3
2:4.20.2+dfsg-4
2:4.20.2+dfsg-5~bpo12+1
2:4.20.2+dfsg-5
2:4.20.2+dfsg-6~bpo12+1
2:4.20.2+dfsg-6
2:4.20.2+dfsg-7
2:4.20.2+dfsg-8
2:4.20.2+dfsg-9~exp1
2:4.20.2+dfsg-9~exp2
2:4.20.2+dfsg-9
2:4.20.2+dfsg-10
2:4.20.4+dfsg-1~bpo12+1
2:4.20.5+dfsg-1~bpo12+1
2:4.21.0~rc1+dfsg-1
2:4.21.0~rc1+really4.20.2+dfsg-11
2:4.21.0~rc1+really4.20.2+dfsg-11r
2:4.21.0~rc1+really4.20.3+dfsg-1
2:4.21.0~rc1+really4.20.4+dfsg-1
2:4.21.0~rc2+dfsg-1
2:4.21.0+dfsg-1
2:4.21.1+dfsg-1~bpo12+1
2:4.21.1+dfsg-1
2:4.21.1+dfsg-2~bpo12+1
2:4.21.1+dfsg-2
2:4.21.1+dfsg-2+hurd.1
2:4.21.2+dfsg-1
2:4.21.2+dfsg-2
2:4.21.2+dfsg-3~bpo12+1
2:4.21.2+dfsg-3
2:4.21.2+dfsg-4~exp1
2:4.21.2+dfsg-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.17.4+dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.17.4+dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/heimdal/heimdal

Affected ranges

Type
GIT
Repo
https://github.com/heimdal/heimdal
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
78077c39e355766221383ee48c8b9be0459a82a4
Type
GIT
Repo
https://github.com/samba-team/samba
Events
Introduced
fc8342bd26d1c55ca5780b427f675f31147b27f9
Fixed
0c85a0adaa57df2541ec2d395d1f7cf936bc2e43

Affected versions

Other

git2svn-syncpoint-master
switch-from-svn-to-git

heimdal-1.*

heimdal-1.3.0pre1
heimdal-1.3.0pre10
heimdal-1.3.0pre11
heimdal-1.3.0pre3
heimdal-1.3.0pre4
heimdal-1.3.0pre5
heimdal-1.3.0pre6
heimdal-1.3.0pre7
heimdal-1.3.0pre8
heimdal-1.3.0pre9
heimdal-1.3.0rc1
heimdal-1.5pre1
heimdal-1.5pre2

heimdal-7.*

heimdal-7.0.1
heimdal-7.0.2
heimdal-7.0.3
heimdal-7.1.0
heimdal-7.1rc1
heimdal-7.2.0
heimdal-7.3.0
heimdal-7.4.0
heimdal-7.5.0
heimdal-7.6.0
heimdal-7.7.0

ldb-2.*

ldb-2.4.1

samba-4.*

samba-4.15.0
samba-4.15.1
samba-4.15.2

upstream-1.*

upstream-1.4.0+git20101228.dfsg.1
upstream-1.4.0+git20110220.dfsg.1