CVE-2019-3858
First published: Mon Mar 11 2019(Updated: )
A server could send a specially crafted partial SFTP packet with a zero value for the payload length. This zero value would be used to then allocate memory resulting in a zero byte allocation and possible out of bounds read.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/libssh2 | 1.8.0-2.1 1.8.0-2.1+deb10u1 1.9.0-2 1.10.0-3 1.11.0-2 | |
| Libssh2 Libssh2 | <1.8.1 | |
| Fedoraproject Fedora | =29 | |
| Debian Debian Linux | =8.0 | |
| NetApp ONTAP Select Deploy administration utility | ||
| openSUSE Leap | =15.0 | |
| openSUSE Leap | =42.3 | |
| redhat/libssh2 | <1.8.1 | 1.8.1 |
| F5 BIG-IQ Centralized Management | >=8.2.0<=8.3.0 | |
| <1.8.1 | ||
| =29 | ||
| =8.0 | ||
| =15.0 | ||
| =42.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://libssh2.org/CVE-2019-3858.html
- https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch
- https://github.com/libssh2/libssh2/pull/316
- https://security-tracker.debian.org/tracker/CVE-2019-3858
- http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
- http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html
- http://www.openwall.com/lists/oss-security/2019/03/18/3
- http://www.securityfocus.com/bid/107485
- https://access.redhat.com/errata/RHSA-2019:2136
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858
- https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/
- https://seclists.org/bugtraq/2019/Apr/25
- https://seclists.org/bugtraq/2019/Mar/25
- https://security.netapp.com/advisory/ntap-20190327-0005/
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767
- https://www.debian.org/security/2019/dsa-4431
- https://www.libssh2.org/CVE-2019-3858.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
- https://www.openwall.com/lists/oss-security/2019/03/18/3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1690246
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1690247
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1690248
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1690408
- https://access.redhat.com/security/cve/cve-2019-3858
- https://bugzilla.redhat.com/show_bug.cgi?id=1687306
- https://my.f5.com/manage/s/article/K000148713
Frequently Asked Questions
What is CVE-2019-3858?
CVE-2019-3858 is an out of bounds read flaw in libssh2 before version 1.8.1.
What is the severity of CVE-2019-3858?
CVE-2019-3858 has a severity rating of 9.1 (critical).
How does CVE-2019-3858 affect the affected software?
CVE-2019-3858 affects the libssh2 package with versions before 1.8.1, Debian Linux 8.0, Fedora 29, openSUSE Leap 15.0 and 42.3, and NetApp ONTAP Select Deploy administration utility.
What is the impact of CVE-2019-3858?
CVE-2019-3858 could allow a remote attacker who compromises an SSH server to cause a Denial of Service or read data in the client memory.
How can I fix CVE-2019-3858?
To fix CVE-2019-3858, update to libssh2 version 1.8.1 or later.
- collector/security-tracker-debian
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/remedy
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-3858
- agent/software-canonical-lookup
- agent/first-publish-date
- collector/f5-advisory
- source/F5
- alias/CVE-2019-3862
- agent/severity
- agent/last-modified-date
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- package-manager/debian
- vendor/libssh2
- canonical/libssh2 libssh2
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/29
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- vendor/netapp
- canonical/netapp ontap select deploy administration utility
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0
- version/opensuse leap/42.3
- package-manager/redhat
- vendor/f5
- canonical/f5 big-iq centralized management
- version/f5 big-iq centralized management/8.2.0
- version/f5 big-iq centralized management/8.3.0