NULL Pointer Dereference Affecting heimdal package, versions <7.4.0-r2


Severity

Recommended
0.0
high
0
10

Snyk's Security Team recommends NVD's CVSS assessment. Learn more

Threat Intelligence

EPSS
34.9% (98th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about NULL Pointer Dereference vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-ALPINE310-HEIMDAL-454861
  • published6 Dec 2017
  • disclosed6 Dec 2017

Introduced: 6 Dec 2017

CVE-2017-17439  (opens in a new tab)
CWE-476  (opens in a new tab)

How to fix?

Upgrade Alpine:3.10 heimdal to version 7.4.0-r2 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream heimdal package and not the heimdal package as distributed by Alpine. See How to fix? for Alpine:3.10 relevant fixed versions and status.

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.