Errata ID | 49 |
---|---|
Date | 2019-04-17 |
Source package | libssh2 |
Fixed in version | 1.7.0-1+deb9u1 |
Description | This update addresses the following issues: * Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * Zero-byte allocation with a specially crafted SFTP packet leading to an out-of-bounds read (CVE-2019-3858) * Unchecked use of _libssh2_packet_require and _libssh2_packet_requirev resulting in out-of-bounds read (CVE-2019-3859) * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860) * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861) * Out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862) * Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) |
Additional notes | |
CVE ID | CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 |
UCS Bug number | #49292 |