CVE-2022-42898

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
heimdal	24.04 LTS noble	Vulnerable
	23.10 mantic	Ignored
	23.04 lunar	Ignored
	22.10 kinetic	Ignored
	22.04 LTS jammy	Vulnerable
	20.04 LTS focal	Fixed 7.7.0+dfsg-1ubuntu1.3
	18.04 LTS bionic	Fixed 7.5.0+dfsg-1ubuntu0.3
	16.04 LTS xenial	Fixed 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm3 Ubuntu Pro
	14.04 LTS trusty	Fixed 1.6~git20131207+dfsg-1ubuntu1.2+esm3 Ubuntu Pro
krb5	24.04 LTS noble	Not affected
	23.10 mantic	Not affected
	23.04 lunar	Not affected
	22.10 kinetic	Fixed 1.20-1ubuntu0.1
	22.04 LTS jammy	Fixed 1.19.2-2ubuntu0.1
	20.04 LTS focal	Fixed 1.17-6ubuntu4.2
	18.04 LTS bionic	Fixed 1.16-2ubuntu0.3
	16.04 LTS xenial	Fixed 1.13.2+dfsg-5ubuntu2.2+esm3 Ubuntu Pro
	14.04 LTS trusty	Fixed 1.12+dfsg-2ubuntu5.4+esm3 Ubuntu Pro
samba	24.04 LTS noble	Not affected
	23.10 mantic	Not affected
	23.04 lunar	Not affected
	22.10 kinetic	Fixed 2:4.16.8+dfsg-0ubuntu1
	22.04 LTS jammy	Fixed 2:4.15.13+dfsg-0ubuntu1
	20.04 LTS focal	Fixed 2:4.15.13+dfsg-0ubuntu0.20.04.1
	18.04 LTS bionic	Vulnerable
	16.04 LTS xenial	Needs evaluation
	14.04 LTS trusty	Vulnerable

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
heimdal	Upstream: b90b219 Upstream: 0c56257 Upstream: 9d1bfab
krb5	Upstream: ea92d2f Upstream: b99de75 Upstream: 4e661f0
samba	Upstream: https://git.samba.org/?p=samba.git;a=commit;h=a8ef840d4362d3ffeab13c1d5fea417511b727c2 Upstream: https://git.samba.org/?p=samba.git;a=commit;h=8369aee33a0b3de10485dc72223f4653585e3a79 Upstream: https://git.samba.org/?p=samba.git;a=commit;h=f792d3e3906414d836d186ec279586c13a83ba8d Upstream: https://git.samba.org/?p=samba.git;a=commit;h=9c909c57ce7abacd96ba18173a9dc4ba9a7c0230 Upstream: https://git.samba.org/?p=samba.git;a=commit;h=a3816433ae971830c2b16b366b10283aeb5a87b5 Upstream: https://git.samba.org/?p=samba.git;a=commit;h=f3672577a8e15b7937d0067a262d04df632dade9

Severity score breakdown

Parameter	Value
Base score	8.8 · High
Attack vector	Network
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

USN-5800-1
Heimdal vulnerabilities
12 January 2023

USN-5822-1
Samba vulnerabilities
24 January 2023

USN-5828-1
Kerberos vulnerabilities
25 January 2023

USN-5936-1
Samba vulnerabilities
8 March 2023

CVE-2022-42898

Cvss 3 Severity Score

Status

Get expanded security coverage with Ubuntu Pro

Notes

mdeslaur

rodrigo-zaiden

mdeslaur

Patch details

Severity score breakdown

References

Related Ubuntu Security Notices (USN)

Other references