[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] libssh: Possible heap-buffer overflow when rekeying (CVE-2021-3634)
From:       Marco Benatto <mbenatto () redhat ! com>
Date:       2021-08-26 14:58:35
Message-ID: CAOGQQ2-5630=HhmZbaxWr2bB3vHdzd=FE1hZ2jgCn71hxPZ2WA () mail ! gmail ! com
[Download RAW message or body]

Hello all,

a new vulnerability was made public today for libssh. It involves a
possible heap-buffer overflow when rekeying and had CVE-2021-3634
assigned to it.

Vulnerability summary:

"A malicious attacker can request rekey with key exchange algorithm
with digest of different size, causing libssh reading or writing
behind the buffer limits."

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/ (5.3)

You can find more detailed information regarding this issue on
libssh's security advisory:
https://www.libssh.org/security/advisories/CVE-2021-3634.txt
https://www.libssh.org/2021/08/26/libssh-0-9-6-security-release/

Thanks,

Marco Benatto
Red Hat Product Security
secalert@redhat.com for urgent response

[prev in list] [next in list] [prev in thread] [next in thread]