Candidate: CVE-2019-13115
PublicDate: 2019-07-16 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115
Description:
 In libssh2 before 1.9.0,
 kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has
 an integer overflow that could lead to an out-of-bounds read in the way
 packets are read from the server. A remote attacker who compromises a SSH
 server may be able to disclose sensitive information or cause a denial of
 service condition on the client system when a user connects to the server.
 This is related to an _libssh2_check_length mistake, and is different from
 the various issues fixed in 1.8.1, such as CVE-2019-3855.
Ubuntu-Description:
 It was discovered that libssh2 incorrectly handled Diffie Hellman key
 exchange. A remote attacker could possibly use this issue to cause a
 denial of service or obtain sensitive information.
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H [8.1 HIGH]
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H [8.1 HIGH]


Patches_libssh2:
 upstream: https://github.com/libssh2/libssh2/commit/ff1b155731ff8f790f12d980911d9fd84d0e1598
upstream_libssh2: released (1.9.0, 1.4.3-4.1+deb8u4)
precise/esm_libssh2: DNE
trusty_libssh2: ignored (out of standard support)
trusty/esm_libssh2: needed
xenial_libssh2: ignored (end of standard support, was needed)
bionic_libssh2: needed
cosmic_libssh2: ignored (reached end-of-life)
disco_libssh2: ignored (reached end-of-life)
eoan_libssh2: ignored (reached end-of-life)
focal_libssh2: needed
groovy_libssh2: ignored (reached end-of-life)
hirsute_libssh2: not-affected (1.9.0-1)
impish_libssh2: not-affected (1.9.0-1)
jammy_libssh2: not-affected (1.9.0-1)
devel_libssh2: not-affected (1.9.0-1)