CRITICAL✓ PATCH🇬🇧 English

CVE-2022-44640

CVSS 9.8v3.1pub. 2022-12-25upd. 2025-04-15

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Heimdal Project Heimdal

    APP
    Heimdal Project
    < 7.7.1
  • Samba

    APP
    Samba
    4.15.0 – 4.15.3 (bez)4.16.0 – 4.16.8 (bez)4.17.0 – 4.17.4 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-7494CRITICAL9.8⚠ KEVten sam produkt

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerabi...

CVE-2026-4408CRITICAL9.0PL ✓ten sam produkt

Samba: RCE przez command injection w 'check password script' z podstawieniem %u

CVE-2026-4480CRITICAL9.0PL ✓ten sam produkt

Samba: command injection w podsystemie drukowania przez podstawienie %J

CVE-2023-3961CRITICAL9.1ten sam produkt

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix do...

CVE-2022-45141CRITICAL9.8ten sam produkt

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2...

CVE-2022-44640 — CRITICAL 9.8 | CVEbaza.pl