Your submission was sent successfully! Close

CVE-2015-3146

Published: 5 May 2015

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libssh
Launchpad, Ubuntu, Debian
precise
Released (0.5.2-1ubuntu0.12.04.6)
trusty Does not exist
(trusty was released [0.6.1-0ubuntu3.3])
upstream
Released (0.6.5)
utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily
Released (0.6.3-3ubuntu3.2)
Patches:
upstream: https://www.libssh.org/security/patches/CVE-2015-3146-libssh-0.5.5.patch