PT-2016-1146 · Openssh+2 · Openssh+2

Ben Hawkes

Published

2016-01-19

Updated

2024-07-08

CVE-2016-1907

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 7.1p2

Description The issue is related to the ssh packet read poll2 function in the packet.c file, which allows remote attackers to cause a denial of service due to an out-of-bounds read and application crash via crafted network traffic. This is caused by a buffer overflow.

Recommendations For OpenSSH versions prior to 7.1p2, update to version 7.1p2 or later to resolve the issue. As a temporary workaround, consider restricting access to the ssh packet read poll2 function until a patch is available.

Exploit

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2016-1200

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2016-00407

CVE-2016-1907

USN-2966-1

Affected Products

Alt Linux

Openssh

Ubuntu

PT-2016-1146 · Openssh+2 · Openssh+2

CVE-2016-1907

Weakness Enumeration

Related Identifiers

Affected Products

References · 376