FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Multiple vulnerabilities in Heimdal

Affected packages
13.1 <= FreeBSD < 13.1_4
12.3 <= FreeBSD < 12.3_9


VuXML ID 97c1b0f7-47b9-11ee-8e38-002590c1f29c
Discovery 2022-11-15
Entry 2023-08-31

Problem Description:

Multiple security vulnerabilities have been discovered in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC.


A malicious actor with control of the network between a client and a service using Kerberos for authentication can impersonate either the client or the service, enabling a man-in-the-middle (MITM) attack circumventing mutual authentication.

Note that, while CVE-2022-44640 is a severe vulnerability, possibly enabling remote code execution on other platforms, the version of Heimdal included with the FreeBSD base system cannot be exploited in this way on FreeBSD.


CVE Name CVE-2019-14870
CVE Name CVE-2021-44758
CVE Name CVE-2022-3437
CVE Name CVE-2022-42898
CVE Name CVE-2022-44640
FreeBSD Advisory SA-22:14.heimdal