CVE-2016-8858
First published: Fri Oct 14 2016(Updated: )
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenSSH | =6.8 | |
| OpenSSH | =6.9 | |
| OpenSSH | =7.0 | |
| OpenSSH | =7.1 | |
| OpenSSH | =7.2 | |
| OpenSSH | =7.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
- https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1384860#c5
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1384566
- http://seclists.org/oss-sec/2016/q4/185
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1387116
- http://seclists.org/oss-sec/2016/q4/191
- https://bugzilla.redhat.com/show_bug.cgi?id=1384860
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h
- http://www.openwall.com/lists/oss-security/2016/10/19/3
- http://www.openwall.com/lists/oss-security/2016/10/20/1
- http://www.securityfocus.com/bid/93776
- http://www.securitytracker.com/id/1037057
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc
- https://security.gentoo.org/glsa/201612-18
- https://security.netapp.com/advisory/ntap-20180201-0001/
Frequently Asked Questions
What is the severity of CVE-2016-8858?
CVE-2016-8858 is classified as a denial of service vulnerability due to memory consumption issues caused by duplicate KEXINIT requests.
How do I fix CVE-2016-8858?
To address CVE-2016-8858, it is recommended to upgrade OpenSSH to a version later than 7.3.
Which versions of OpenSSH are affected by CVE-2016-8858?
CVE-2016-8858 affects OpenSSH versions 6.8 through 7.3.
Is CVE-2016-8858 actively being exploited in the wild?
There are currently no reports indicating active exploitation of CVE-2016-8858 in the wild.
What kind of attack does CVE-2016-8858 enable?
CVE-2016-8858 allows remote attackers to cause a denial of service by sending a large number of duplicate KEXINIT requests.
- agent/references
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-8858
- agent/severity
- agent/weakness
- agent/author
- agent/status
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/openbsd
- canonical/openssh
- version/openssh/6.8
- version/openssh/6.9
- version/openssh/7.0
- version/openssh/7.1
- version/openssh/7.2
- version/openssh/7.3
- status/disputed