Candidate: CVE-2019-3859
PublicDate: 2019-03-21 16:01:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3859
 https://www.libssh2.org/CVE-2019-3859.html
 https://github.com/libssh2/libssh2/pull/315
 https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html
Description:
 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the
 _libssh2_packet_require and _libssh2_packet_requirev functions. A remote
 attacker who compromises a SSH server may be able to cause a Denial of
 Service or read data in the client memory.
Ubuntu-Description:
 It was discovered that libssh2 incorrectly handled certain specially
 crafted packets. A remote attacker could possibly use this issue to cause
 a denial of service or obtain sensitive information.
Notes:
 msalvatore> Upstream fix causes regression:
 msalvatore> https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html
 msalvatore> Follow up patch: https://github.com/libssh2/libssh2/commit/ca2744483eac4e707084df5fc55cc69d57571dde
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H [9.1 CRITICAL]


Patches_libssh2:
upstream_libssh2: needs-triage
precise/esm_libssh2: DNE
trusty_libssh2: ignored (out of standard support)
trusty/esm_libssh2: needed
xenial_libssh2: ignored (end of standard support, was needed)
bionic_libssh2: needed
cosmic_libssh2: ignored (reached end-of-life)
disco_libssh2: not-affected (1.8.0-2.1)
eoan_libssh2: not-affected (1.8.0-2.1)
focal_libssh2: not-affected (1.8.0-2.1)
groovy_libssh2: not-affected (1.8.0-2.1)
hirsute_libssh2: not-affected (1.8.0-2.1)
impish_libssh2: not-affected (1.8.0-2.1)
jammy_libssh2: not-affected (1.8.0-2.1)
devel_libssh2: not-affected (1.8.0-2.1)