ASA-2019-00150 – libssh2: Out-of-bounds memory comparison

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00150

Identifier(s)

ASA-2019-00150, CVE-2019-3862

Title

Out-of-bounds memory comparison

Vendor(s)

The libssh2 project

Product(s)

libssh2

Affected version(s)

libssh2 versions 0.11 up to and including 1.8.0

Fixed version(s)

libssh2 1.8.1

Proof of concept

Unknown

Description

A server could send a specially crafted SSH_MSG_CHANNEL_REQUEST packet with an exit status message and no payload. This would result in an out of bounds memory comparison (CWE-130).

Technical details

Unknown

Credits

Chris Coulson (Canonical Ltd)

Reference(s)

libssh2 Security Advisory: CVE-2019-3862
https://www.libssh2.org/CVE-2019-3862.html

[SECURITY ADVISORIES] libssh2
https://seclists.org/oss-sec/2019/q1/184

Security fixes (#315) · libssh2/libssh2@dc109a7
https://github.com/libssh2/libssh2/commit/dc109a7f518757741590bb993c0c8412928ccec2

Security fixes by willco007 · Pull Request #315 · libssh2/libssh2
https://github.com/libssh2/libssh2/pull/315

CVE-2019-3862 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-3862

CVE-2019-3862
https://security-tracker.debian.org/tracker/CVE-2019-3862

CVE-2019-3862 in Ubuntu
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-3862.html

CVE-2019-3862 | SUSE
https://www.suse.com/security/cve/CVE-2019-3862

CVE-2019-3862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3862

CVE-2019-3862
https://nvd.nist.gov/vuln/detail/CVE-2019-3862

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: March 19, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.