Описание
ELSA-2019-4693: libssh2 security update (IMPORTANT)
[1.4.2-2.0.1.el6_7.1]
- [Orabug: 29909723] Added patch CVE-2019-3862. Added Additional length checks to prevent out-of-bounds (CVE-2019-3862)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
libssh2
1.4.2-2.0.1.el6_7.1
libssh2-devel
1.4.2-2.0.1.el6_7.1
libssh2-docs
1.4.2-2.0.1.el6_7.1
Oracle Linux i686
libssh2
1.4.2-2.0.1.el6_7.1
libssh2-devel
1.4.2-2.0.1.el6_7.1
libssh2-docs
1.4.2-2.0.1.el6_7.1
Связанные CVE
Связанные уязвимости
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.