The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
CVE-2022-3116 A flawed logical condition in lib/gssapi/spnego/accept_sec_context.c allows a malicious actor to remotely trigger a NULL pointer dereference using a crafted negTokenInit token.
An attacker can use a specially crafted network packet to cause a vulnerable application to crash.
The latest version of code in the Heimdal master branch fixes the issue. However, the current stable release 7.7.0 does not include the fix.
Thanks to Internet Systems Consortium for reporting the vulnerability.
This document was written by Kevin Stephens.