Vulnerability Details : CVE-2019-3856
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Vulnerability category: OverflowMemory CorruptionExecute code
Exploit prediction scoring system (EPSS) score for CVE-2019-3856
Probability of exploitation activity in the next 30 days: 0.35%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 68 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2019-3856
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
[email protected] |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
[email protected] |
|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
[email protected] |
CWE ids for CVE-2019-3856
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by:
- [email protected] (Primary)
- [email protected] (Secondary)
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by:
- [email protected] (Primary)
- [email protected] (Secondary)
References for CVE-2019-3856
-
https://access.redhat.com/errata/RHSA-2019:1652
Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856
Issue Tracking;Patch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20190327-0005/
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:1175
Third Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Patch;Third Party Advisory
-
https://www.debian.org/security/2019/dsa-4431
Third Party Advisory
-
https://seclists.org/bugtraq/2019/Apr/25
Mailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:1943
Third Party Advisory
-
https://www.libssh2.org/CVE-2019-3856.html
Patch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2019:0679
Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
Mailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
Mailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2399
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:1791
Third Party Advisory
Products affected by CVE-2019-3856
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
- cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*