vulnerability
FreeBSD: VID-094e4a5b-6511-11ed-8c5e-206a8a720317 (CVE-2022-42898): krb5 -- Integer overflow vulnerabilities in PAC parsing
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Nov 15, 2022 | Nov 16, 2022 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Nov 15, 2022
Added
Nov 16, 2022
Modified
Dec 10, 2025
Description
MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing: Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. On 32-bit platforms an authenticated attacker may be able to cause heap corruption resulting in an RCE.
Solutions
freebsd-upgrade-package-krb5freebsd-upgrade-package-krb5-120freebsd-upgrade-package-krb5-119freebsd-upgrade-package-krb5-develfreebsd-upgrade-package-mysql57-serverfreebsd-upgrade-package-mysql-connector-c++freebsd-upgrade-package-mysql-connector-jfreebsd-upgrade-package-mysql-connector-odbcfreebsd-upgrade-package-mysql80-serverfreebsd-upgrade-base-13_1-release-p4freebsd-upgrade-base-12_3-release-p9
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.