Description
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 rpm rhel10 | | | 0:0.12.0-2.el10 |
rpm rhel9 | | | 0:0.10.4-18.el9 |
 debian 14 | | =0.11.2-1 || =0.11.3-1 || >=0 <0.12.0-1 | 0.12.0-1 |
rpm rhel8 | | - | - |
debian 11 | | =0.10.4-1 || =0.10.4-2 || =0.10.5-1 || =0.10.5-2 || =0.10.5-3 || =0.10.5-3+hurd.1 || =0.10.6-1 || =0.10.6-2 || =0.10.6-3 || =0.11.1-1 || =0.11.1-2 || =0.11.2-1 || =0.11.3-1 || =0.12.0-1 || =0.12.0-2 || =0.12.0-3 || =0.9.5-1 || =0.9.5-1+deb11u1 || =0.9.6-1 || =0.9.6-2 || =0.9.7-0+deb11u1 || =0.9.8-0+deb11u1 || =0.9.8-0+deb11u2 | - |
debian 12 | | =0.10.5-2 || =0.10.5-3 || =0.10.5-3+hurd.1 || =0.10.6-0+deb12u1 || =0.10.6-0+deb12u2 || =0.10.6-1 || =0.10.6-2 || =0.10.6-3 || =0.11.1-1 || =0.11.1-2 || =0.11.2-1 || =0.11.3-1 || =0.12.0-1 || =0.12.0-2 || =0.12.0-3 | - |
debian 13 | | =0.11.2-1 || =0.11.2-1+deb13u1 || =0.11.3-1 || =0.12.0-1 || =0.12.0-2 || =0.12.0-3 | - |
