PT-2018-1896 · Openssh+5

Published 2017-08-01 · Updated 2025-10-29 · CVE-2016-10708

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 7.4

Description: A NULL pointer dereference in OpenSSH's key exchange handling (kex.c and packet.c) crashes the sshd daemon when it receives an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz. A remote attacker can trigger this to cause a denial of service.

Recommendations: For OpenSSH versions prior to 7.4, update to version 7.4 or later to resolve the issue. As a temporary workaround, restrict network access to the sshd service to reduce the risk of exploitation.

Exploit · Fix · DoS · NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALT-PU-2018-2598
ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
BDU:2018-01500
CESA-2017_2029
CVE-2016-10708
DLA-1257-1
DLA-1500-1
OPENSUSE-SU-2018_2128-1
RHSA-2017:2029
RHSA-2017_2029
SUSE-SU-2018:1989-1
SUSE-SU-2018:2275-1
SUSE-SU-2018:2530-1
SUSE-SU-2018:2530-2
SUSE-SU-2018:2685-1
SUSE-SU-2018:2719-1
SUSE-SU-2018:3540-1
SUSE-SU-2018_1989-1
SUSE-SU-2018_2530-1
SUSE-SU-2018_2530-2
USN-3809-1
USN-3809-2

Affected Products

ALT Linux
CentOS
OpenSSH
Red Hat
SUSE
Ubuntu