Overview
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
Description
CVE-2022-3116 A flawed logical condition in lib/gssapi/spnego/accept_sec_context.c allows a malicious actor to remotely trigger a NULL pointer dereference using a crafted negTokenInit token.
Impact
An attacker can use a specially crafted network packet to cause a vulnerable application to crash.
Solution
The latest version of code in the Heimdal master branch fixes the issue. However, the current stable release 7.7.0 does not include the fix.
Acknowledgements
Thanks to Internet Systems Consortium for reporting the vulnerability.
This document was written by Kevin Stephens.
Vendor Information
FreeBSD Affected
Statement Date: June 22, 2021
| CVE-2022-3116 | Affected |
Vendor Statement
We have not received a statement from the vendor.
HardenedBSD Affected
Statement Date: June 22, 2021
| CVE-2022-3116 | Affected |
Vendor Statement
Though HardenedBSD is affected, it is not possible to create a memory allocation at the 0 (NULL) address in HardenedBSD. Thus, at its worst, this bug will crash the application.
Heimdal Kerberos Project Affected
| CVE-2022-3116 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Advantech Czech Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Aruba Networks Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
AVM GmbH Not Affected
Statement Date: February 10, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Heimdal ist not in use within our products or our organisation.
Barracuda Networks Not Affected
Statement Date: February 02, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Belden Not Affected
Statement Date: March 14, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Brocade Communication Systems Not Affected
Statement Date: April 06, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
No Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.
Check Point Not Affected
Statement Date: February 02, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We do not distribute the code for gssapi spnego
Cradlepoint Not Affected
Statement Date: August 22, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Cradlepoint conducted a review of their offerings and the lib/gssapi/spnego/accept_sec_context.c library is not used in any of our products.
dd-wrt Not Affected
Statement Date: August 26, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Heimdal is not in use in dd-wrt. In contrary to openwrt, dd-wrt uses ksmbd instead of samba4.
Deutsche Telekom Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
DT is not reusing heimdal code in our branded products and is not affected.
Digi International Not Affected
Statement Date: October 05, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Digi’s platforms, infrastructure, and or services disallows kerberos/gssapi authentication from any available service and does not appear vulnerable to this exploit.
D-Link Systems Inc. Not Affected
Statement Date: December 27, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
eCosCentric Not Affected
Statement Date: January 26, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Code not used in our RTOS
F5 Networks Not Affected
Statement Date: July 03, 2023
| CVE-2022-3116 | Not Affected |
Vendor Statement
No F5 products or services use the affected Heimdal functionality.
References
Hewlett Packard Enterprise Not Affected
Statement Date: March 01, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Illumos Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We do not use Heimdal in base illumos for our GSSAPI. Because the report's conditions state:
It is believed that any binary which fulfills both of the following conditions:
- it is linked to an affected version of the Heimdal libgssapi library
- it allows SPNEGO to be used
is vulnerable to the attack described below.
illumos should not be affected. illumos users should contact security@illumos.org if they notice GSSAPI issues, however.
Intel Not Affected
Statement Date: January 31, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Verified Heimdal not used by Intel.
Internet Initiative Japan Inc. Not Affected
Statement Date: January 25, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Joyent Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We do not use Heimdal in base illumos for our GSSAPI, nor in any base SmartOS or Triton pkgsrc packages. (Optional pkgsrc packages may be affected, but these are on a per package basis.) Because the report's conditions state:
It is believed that any binary which fulfills both of the following conditions:
- it is linked to an affected version of the Heimdal libgssapi library
- it allows SPNEGO to be used
is vulnerable to the attack described below.
SmartOS and Triton should not be affected. SmartOS users should contact security@illumos.org if they notice GSSAPI issues (as they would be with illumos), however.
LANCOM Systems GmbH Not Affected
Statement Date: September 21, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
lwIP Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
McAfee Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Microsoft Not Affected
Statement Date: February 04, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Miredo Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Muonics Inc. Not Affected
Statement Date: January 25, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Muonics does not use Heimdal in any of its products and thus this vulnerability is not applicable.
NetComm Wireless Limited Not Affected
Statement Date: September 13, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
netsnmp Not Affected
Statement Date: January 26, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Paessler Not Affected
Statement Date: March 29, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Peplink Not Affected
Statement Date: June 07, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Samba Not Affected
Statement Date: October 31, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
Per Samba's bugzilla https://bugzilla.samba.org/show_bug.cgi?id=15204
https://samba-team.gitlab.io/samba/third_party/heimdal/lib/gssapi/spnego/index.html shows we don't run the Heimdal SPNEGO code.
Samba doesn't use Heimdal for SPNEGO, we handle the SPNEGO in GENSEC, not in Heimdal.
References
Sierra Wireless Not Affected
Statement Date: March 01, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
SUSE Linux Not Affected
Statement Date: January 27, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
SUSE is not shipping the heimdal krb5 implementation.
Treck Not Affected
Statement Date: January 24, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Zyxel Not Affected
Statement Date: April 06, 2022
| CVE-2022-3116 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
A10 Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACCESS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Actelis Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Actiontec Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ADATA Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ADTRAN Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Advantech B-B Technology Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Advantech Taiwan Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aerohive Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AhnLab Inc Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AirWatch Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Akamai Technologies Inc. Unknown
Statement Date: August 23, 2022
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alcatel-Lucent Enterprise Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Allied Telesis Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alpine Linux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Altran Intelligent Systems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Amazon Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Android Open Source Project Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ANTlabs Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apple Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arcadyan Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arch Linux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arista Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ARRIS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ASUSTeK Computer Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Atheros Communications Inc Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AT&T Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avaya Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Belkin Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bell Canada Enterprises Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlackBerry Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blackberry QNX Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlueCat Networks Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blue Coat Systems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blunk Microsystems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BoringSSL Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Broadcom Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Buffalo Technology Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cambium Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CA Technologies Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ceragon Networks Inc Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cirpack Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cisco Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CMX Systems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Comcast Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Commscope Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Contiki OS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cricket Wireless Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cypress Semiconductor Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CZ.NIC Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Debian GNU/Linux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dell Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dell EMC Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dell SecureWorks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DesktopBSD Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Devicescape Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dnsmasq Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DragonFly BSD Project Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eero Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EfficientIP Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ENEA Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ericsson Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Espressif Systems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
European Registry for Internet Domains Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Express Logic Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Extreme Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fastly Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fedora Project Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FNet Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Force10 Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fortinet Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FreeRTOS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
F-Secure Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gentoo Linux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GFI Software Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU adns Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU glibc Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Google Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Grandstream Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Green Hills Software Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HCC Embedded Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Hitachi Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Honeywell Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HP Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HTC Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Huawei Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM Corporation (zseries) Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM Numa-Q Division (Formerly Sequent) Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ICASI Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Infoblox Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
InfoExpress Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Inmarsat Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium - DHCP Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IP Infusion Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
JH Software Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
JPCERT/CC Vulnerability Handling Team Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Juniper Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
kubernetes Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lancope Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lantronix Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lenovo Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
LG Electronics Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
LibreSSL Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Linksys Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
LITE-ON Technology Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
LiteSpeed Technologies Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lynx Software Technologies Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
m0n0wall Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Marconi Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Marvell Semiconductor Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
MediaTek Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Medtronic Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Men & Mice Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Metaswitch Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Microchip Technology Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Micro Focus Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
MikroTik Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Mitel Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Motorola Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
National Cyber Security Center Netherlands Unknown
Statement Date: August 24, 2022
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
National Cyber Security Centre Finland Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NCSC-FI Vulnerability Coordinator Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NEC Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NetBSD Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NetBurner Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NETGEAR Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NETSCOUT Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
netsnmpj Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Nexenta Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NIKSUN Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Nixu Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NLnet Labs Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Nokia Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OleumTech Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenBSD Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenBSD IPsec Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenConnect Ltd Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenDNS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenIndiana Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenSSL Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Openwall GNU/*/Linux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenWRT Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Oracle Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Oryx Embedded Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Palo Alto Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
pfSense Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Philips Electronics Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Phoenix Contact Unknown
Statement Date: August 25, 2022
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
PHPIDS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
PowerDNS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Proxim Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Pulse Secure Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
QLogic Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
QNAP Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Quadros Systems Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Quagga Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Qualcomm Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Quantenna Communications Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Red Hat Unknown
Statement Date: January 25, 2022
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Riverbed Technologies Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Roku Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ruckus Wireless Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ruijie Networks Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Samsung Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Samsung Mobile Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Samsung Semiconductor Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Schneider Electric Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Secure64 Software Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
SEIKO EPSON Corp. / Epson America Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Slackware Linux Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
SMC Networks Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
SmoothWall Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Snort Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
SonicWall Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sonos Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sony Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sophos Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sourcefire Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Symantec Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Synology Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
systemd Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TCPWave Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TDS Telecom Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Technicolor Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Tenable Network Security Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
The OpenBSD project Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TippingPoint Technologies Inc. Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Tizen Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TP-LINK Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TrueOS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Turbolinux Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ubiquiti Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ubuntu Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Unisys Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Univention Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Untangle Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
VMware Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Vultures List Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Wind River Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
WizNET Technology Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
wolfSSL Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Xiaomi Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
XigmaNAS Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Xilinx Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Zebra Technologies Unknown
Statement Date: August 19, 2022
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Zephyr Project Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ZTE Corporation Unknown
| CVE-2022-3116 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Other Information
| CVE IDs: | CVE-2022-3116 |
| API URL: | VINCE JSON | CSAF |
| Date Public: | 2022-10-07 |
| Date First Published: | 2022-10-07 |
| Date Last Updated: | 2023-07-13 17:43 UTC |
| Document Revision: | 6 |