Vulnerability Details : CVE-2019-3863
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
Vulnerability category: OverflowMemory Corruption
Products affected by CVE-2019-3863
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
- cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-3863
0.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-3863
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
Red Hat, Inc. |
CWE ids for CVE-2019-3863
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: secalert@redhat.com (Secondary)
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2019-3863
-
https://access.redhat.com/errata/RHSA-2019:1652
RHSA-2019:1652 - Security Advisory - Red Hat Customer Portal
-
https://security.netapp.com/advisory/ntap-20190327-0005/
March 2019 Libssh2 Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
[security-announce] openSUSE-SU-2019:1109-1: moderate: Security update fThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:1175
RHSA-2019:1175 - Security Advisory - Red Hat Customer Portal
-
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Page not found | Oracle
-
https://www.debian.org/security/2019/dsa-4431
Debian -- Security Information -- DSA-4431-1 libssh2
-
https://seclists.org/bugtraq/2019/Apr/25
Bugtraq: [SECURITY] [DSA 4431-1] libssh2 security update
-
https://www.libssh2.org/CVE-2019-3863.html
libssh2 Security Advisory: CVE-2019-3863Patch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2019:1943
RHSA-2019:1943 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:0679
RHSA-2019:0679 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863
1687313 – (CVE-2019-3863) CVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writesIssue Tracking;Patch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
[SECURITY] [DLA 1730-1] libssh2 security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
[security-announce] openSUSE-SU-2019:1075-1: moderate: Security update fMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
[SECURITY] Fedora 28 Update: libssh2-1.8.1-1.fc28 - package-announce - Fedora Mailing-Lists
-
https://access.redhat.com/errata/RHSA-2019:2399
RHSA-2019:2399 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:1791
RHSA-2019:1791 - Security Advisory - Red Hat Customer Portal
Jump to