Wind River Support Network

HomeDefectsLIN5-21075
Fixed

LIN5-21075 : Security Advisory - openssh - CVE-2016-0778

Created: Jan 14, 2016    Updated: May 29, 2018
Resolved Date: Jan 24, 2016
Found In Version: 5.0.1.33
Fix Version: 5.0.1.35
Severity: Severe
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0778

Security Notices


Other Downloads


Live chat
Online