Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-3915

Опубликовано: 06 окт. 2020
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2020-3915: libssh2 security update (MODERATE)

[1.8.0-4]

  • fix integer overflow in SSH_MSG_DISCONNECT logic (CVE-2019-17498)

[1.8.0-3]

  • sanitize public header file (detected by rpmdiff)

[1.8.0-2]

  • fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
  • fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
  • fix out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
  • fix zero-byte allocation in SFTP packet processing resulting in out-of-bounds read (CVE-2019-3858)
  • fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
  • fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
  • fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)

[1.8.0-1]

  • rebase to 1.8.0 (#1592784)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

libssh2

1.8.0-4.el7

libssh2-devel

1.8.0-4.el7

libssh2-docs

1.8.0-4.el7

Oracle Linux x86_64

libssh2

1.8.0-4.el7

libssh2-devel

1.8.0-4.el7

libssh2-docs

1.8.0-4.el7

Связанные CVE

CVE-2019-17498

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2019-17498

CVSS3: 8.1
ubuntu
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

redhat логотип

CVE-2019-17498

CVSS3: 6.5
redhat
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

nvd логотип

CVE-2019-17498

CVSS3: 8.1
nvd
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

msrc логотип

CVE-2019-17498

CVSS3: 8.1
msrc
около 5 лет назад

Описание отсутствует

debian логотип

CVE-2019-17498

CVSS3: 8.1
debian
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic i ...