Описание
ELSA-2019-4692: libssh2 security update (IMPORTANT)
[1.4.3-12.0.1.el7_6.2]
- [Orabug: 29909723] Added patch CVE-2019-3862 added length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add()(CVE-2019-3862)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libssh2
1.4.3-12.0.1.el7_6.2
libssh2-devel
1.4.3-12.0.1.el7_6.2
libssh2-docs
1.4.3-12.0.1.el7_6.2
Oracle Linux x86_64
libssh2
1.4.3-12.0.1.el7_6.2
libssh2-devel
1.4.3-12.0.1.el7_6.2
libssh2-docs
1.4.3-12.0.1.el7_6.2
Связанные CVE
Связанные уязвимости
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.