878425 – app-crypt/heimdal: Buffer overflow in DES/DES3

Bug 878425 - app-crypt/heimdal: Buffer overflow in DES/DES3

Summary: app-crypt/heimdal: Buffer overflow in DES/DES3

Status:	RESOLVED DUPLICATE of bug 881429

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2022-10-27 05:16 UTC by Sam James
Modified:	2022-11-16 15:15 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2022-10-27 05:16:51 UTC

See https://github.com/heimdal/heimdal/pull/1018.

Comment 1 Sam James archtester

2022-10-27 05:17:16 UTC

"o CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
                  unwrap_des() and unwrap_des3() routines of Heimdal (included
                  in Samba).
https://www.samba.org/samba/security/CVE-2022-3437.html

Comment 2 John Helmert III archtester

2022-11-16 15:14:51 UTC


*** This bug has been marked as a duplicate of bug 881429 ***