In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1991-1 | libssh2 security update |
![]() |
DLA-2848-1 | libssh2 security update |
![]() |
DLA-3559-1 | libssh2 security update |
![]() |
EUVD-2019-7852 | In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. |
![]() |
USN-5308-1 | libssh2 vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T01:40:15.913Z
Reserved: 2019-10-11T00:00:00
Link: CVE-2019-17498

No data.

Status : Modified
Published: 2019-10-21T22:15:10.523
Modified: 2024-11-21T04:32:22.850
Link: CVE-2019-17498


No data.