system/libssh2: CVE-2019-13115: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange
Bugzilla ID | 118 |
Alias(es) | CVE-2019-13115 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2019-07-26 12:18:48 -0500 |
Modified | 2019-08-04 19:20:31 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-BETA3 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
URL | https://nvd.nist.gov/vuln/detail/CVE-2019-13115 |
Description
In libssh2 before 1.9.0,
kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c
has an integer overflow that could lead to an out-of-bounds read in
the way packets are read from the server. A remote attacker who
compromises a SSH server may be able to disclose sensitive information
or cause a denial of service condition on the client system when a
user connects to the server. This is related to an
_libssh2_check_length mistake, and is different from the various
issues fixed in 1.8.1, such as CVE-2019-3855.