Описание
ELSA-2019-1884: libssh2 security update (MODERATE)
[1.4.3-12.0.1.el7_6.3]
- Bump and rebuild.
[1.4.3-12.el7_6.3]
- fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libssh2
1.4.3-12.0.1.el7_6.3
libssh2-devel
1.4.3-12.0.1.el7_6.3
libssh2-docs
1.4.3-12.0.1.el7_6.3
Oracle Linux x86_64
libssh2
1.4.3-12.0.1.el7_6.3
libssh2-devel
1.4.3-12.0.1.el7_6.3
libssh2-docs
1.4.3-12.0.1.el7_6.3
Связанные CVE
Связанные уязвимости
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.