Allele Security Alert
Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
The libssh2 project
libssh2 versions 0.1 up to and including 1.8.0
Proof of concept
A server could send multiple keyboard-interactive response messages whose total length is greater than unsigned char max characters. This value is used as an index to copy memory, causing an out-of-bounds memory write error (CWE-130).
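The failure mode described above, a summed length that wraps before it is used to size and index a copy, can be closed by checking each addition before it happens. The following is an added example, not code from libssh2 or from this alert. It assumes the RFC 4256 response layout (type byte, count, length-prefixed strings) and an `unsigned int` accumulator; `kbd_response`, `kbd_packet_len` and `kbd_build_packet` are hypothetical names.

```c
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical response record; names are illustrative, not libssh2's. */
struct kbd_response { const unsigned char *text; unsigned int length; };

/* Total = 1 (message type) + 4 (count) + sum(4 + length).
 * Returns 0 and sets *out on success, -1 if the sum would wrap. */
int kbd_packet_len(const struct kbd_response *r, unsigned int n,
                   unsigned int *out)
{
    unsigned int total = 1 + 4;
    for (unsigned int i = 0; i < n; i++) {
        /* Check before adding, so the wrapped value never exists. */
        if (total > UINT_MAX - 4 || r[i].length > UINT_MAX - 4 - total)
            return -1;
        total += 4 + r[i].length;
    }
    *out = total;
    return 0;
}

static void put_u32(unsigned char *p, unsigned int v)
{
    p[0] = (unsigned char)(v >> 24); p[1] = (unsigned char)(v >> 16);
    p[2] = (unsigned char)(v >> 8);  p[3] = (unsigned char)v;
}

/* Allocate and fill the packet only after the length check passed. */
unsigned char *kbd_build_packet(const struct kbd_response *r, unsigned int n,
                                unsigned int *len)
{
    unsigned char *buf, *p;
    if (kbd_packet_len(r, n, len) != 0 || (buf = malloc(*len)) == NULL)
        return NULL;
    p = buf;
    *p++ = 61;                       /* SSH_MSG_USERAUTH_INFO_RESPONSE */
    put_u32(p, n); p += 4;
    for (unsigned int i = 0; i < n; i++) {
        put_u32(p, r[i].length); p += 4;
        memcpy(p, r[i].text, r[i].length);
        p += r[i].length;
    }
    return buf;
}
```

Without the check in `kbd_packet_len`, two oversized lengths would sum to a small value, the buffer would be allocated at that small size, and the copy loop would write past its end.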
Chris Coulson (Canonical Ltd)
libssh2 Security Advisory: CVE-2019-3863
[SECURITY ADVISORIES] libssh2
Security fixes (#315) · libssh2/libssh2@dc109a7
Security fixes by willco007 · Pull Request #315 · libssh2/libssh2
CVE-2019-3863 - Red Hat Customer Portal
CVE-2019-3863 | SUSE
Last modified: March 19, 2019