CVE-2019-3862
CVE-2019-3862
In short
libssh2 has a flaw where it reads memory beyond allowed boundaries when processing certain SSH server responses. A compromised SSH server can crash your client or steal data from its memory.
Technical detail
An out-of-bounds read vulnerability exists in libssh2 <1.8.1 during parsing of SSH_MSG_CHANNEL_REQUEST packets with exit status and empty payload. The attack vector requires a compromised or malicious SSH server; impact includes denial of service and information disclosure from client process memory.
Summary generated and translated by AI from the official description.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected products
The libssh2 Project · libssh2Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.htmlhttp://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.htmlhttps://access.redhat.com/errata/RHSA-2019:1884https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862https://lists.debian.org/debian-lts-announce/2019/03/msg00032.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/https://seclists.org/bugtraq/2019/Apr/25https://seclists.org/bugtraq/2019/Mar/25https://security.netapp.com/advisory/ntap-20190327-0005/https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767