CVE-2019-3862 — Improper Handling of Length Parameter Inconsistency in Libssh2

CWE-130 — Improper Handling of Length Parameter Inconsistency CWE-125 — Out-of-bounds Read15 documents9 sources

Severity

9.1CRITICALNVD

CNA7.3

EPSS

6.6%

top 8.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh2 THE Libssh2 Project Libssh2 Debian Linux +2 more

Timeline

PublishedMar 21

Latest updateOct 15

Description

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

▶NVDlibssh2/libssh2< 1.8.1

▶Debianlibssh2/libssh2< 1.8.0-2.1+3

▶CVEListV5the_libssh2_project/libssh21.8.1

▶NVDopensuse/leap42.3

Also affects: Debian Linux 8.0, Fedora 29

Patches

Patch: packetstormsecurity.com ↗Patch: www.openwall.com ↗Patch: seclists.org ↗

🔴Vulnerability Details

GHSA

GHSA-5c3r-rx33-wr79: An out of bounds read flaw was discovered in libssh2 before 1↗2022-05-14

▶

OSV

libssh2 vulnerabilities↗2022-03-07

▶

OSV

CVE-2019-3862: An out of bounds read flaw was discovered in libssh2 before 1↗2019-03-21

▶

CVEList

CVE-2019-3862: An out of bounds read flaw was discovered in libssh2 before 1↗2019-03-20

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Platform (libssh2) — CVE-2019-3862↗2022-10-15

▶

Ubuntu

libssh2 vulnerabilities↗2022-03-07

▶

Oracle

Oracle Oracle Communications Applications Risk Matrix: Platform (libssh2) — CVE-2019-3862↗2020-01-15

▶

Red Hat

libssh2: Out-of-bounds memory comparison with specially crafted message channel request↗2019-03-13

▶

Debian

CVE-2019-3862: libssh2 - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH...↗2019

▶

💬Community

Bugzilla

CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 mingw-libssh2: various flaws [fedora-all]↗2019-03-19

▶

Bugzilla

CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 mingw-libssh2: various flaws [epel-7]↗2019-03-19

▶

Bugzilla

CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 libssh2: various flaws [fedora-all]↗2019-03-19

▶

Bugzilla

CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 libssh: various flaws [fedora-all]↗2019-03-19

▶

Bugzilla

CVE-2019-3862 libssh2: Out-of-bounds memory comparison with specially crafted message channel request↗2019-03-11

▶