Wind River Support Network

HomeDefectsLIN8-2510
Fixed

LIN8-2510 : Security Advisory - openssh - CVE-2016-0778

Created: Jan 14, 2016    Updated: Dec 3, 2018
Resolved Date: Jan 24, 2016
Found In Version: 8.0
Fix Version: 8.0.0.2
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0778

Security Notices


Other Downloads


CVEs


Live chat
Online