logo

Database

Out-of-bounds read In libssh2

Description

In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 22

10

Aliases

1. CVE-2019-131152. NVD-2019-131153. OSV-ALPINE-2019-131154. OSV-2019-131155. OSV-DEBIAN-2019-131156. GCVE-2019-131157. SECURITY-CVE-2019-131158. SECURITY-TRACKER-CVE-2019-13115

References

1. https://github.com/viz27/Libssh2-Exploit

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.