Diffusion FreeBSD src repository fc773115fa2d

heimdal: Fix NULL deref
fc773115fa2d
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

heimdal: Fix NULL deref

A flawed logical condition allows a malicious actor to remotely
trigger a NULL pointer dereference using a crafted negTokenInit
token.

Upstream notes:

Reported to Heimdal by Michał Kępień <michal@isc.org>.

From the report:

Acknowledgement
---------------

This flaw was found while working on addressing ZDI-CAN-12302: ISC BIND
TKEY Query Heap-based Buffer Overflow Remote Code Execution
Vulnerability, which was reported to ISC by Trend Micro's Zero Day

Security: CVE-2022-3116
Obtained from: upstream 7a19658c1
MFC after: 1 week

Details

Provenance

cy	Authored on Feb 15 2024, 3:41 PM

Parents

rG60616b445eb5: heimdal: always confirm PA-PKINIT-KX for anon PKINIT

Branches

Unknown

Tags

Unknown

Event Timeline

cy committed rGfc773115fa2d: heimdal: Fix NULL deref (authored by cy).Feb 15 2024, 9:27 PM

cy mentioned this in rG5b7c923d9581: heimdal: Fix NULL deref.Feb 21 2024, 1:44 PM

cy mentioned this in rG6b421e431a2d: heimdal: Fix NULL deref.

cy mentioned this in rG88bdc4bb60df: heimdal: Fix NULL deref.Feb 21 2024, 2:02 PM

emaste mentioned this in rGbec5e729ceef: heimdal: Fix NULL deref.Feb 21 2024, 8:26 PM

Changes (1)

Path

Size

crypto/

heimdal/

lib/

gssapi/

spnego/

accept_sec_context.c

rGfc773115fa2d

crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c

Loading...