K 10
svn:author
V 6
emaste
K 8
svn:date
V 27
2024-02-21T20:27:21.893614Z
K 7
svn:log
V 793
heimdal: Fix NULL deref

A flawed logical condition allows a malicious actor to remotely
trigger a NULL pointer dereference using a crafted negTokenInit
token.

Upstream notes:

    Reported to Heimdal by Michał Kępień <michal@isc.org>.

    From the report:

    Acknowledgement
    ---------------

    This flaw was found while working on addressing ZDI-CAN-12302: ISC BIND
    TKEY Query Heap-based Buffer Overflow Remote Code Execution
    Vulnerability, which was reported to ISC by Trend Micro's Zero Day

Security:	CVE-2022-3116
Obtained from:	upstream 7a19658c1

(cherry picked from commit fc773115fa2dbb6c01377f2ed47dabf79a4e361a)
(cherry picked from commit 6b421e431a2de6eb9e8bd670efffe76e6617d520)

Git Hash:   bec5e729ceef12259609dbd8f5191e19464be95d
Git Author: cy@FreeBSD.org
END