Advisories » MGASA-2015-0209

Updated libssh packages fix CVE-2015-3146

Publication date: 11 May 2015
Modification date: 07 Mar 2016
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-3146

Description

Updated libssh packages fix security vulnerability:

libssh versions 0.5.1 and above, but before 0.6.5, have a logical error in the
handling of a SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected
error did not set the session into the error state correctly and further
processed the packet which leads to a null pointer dereference. This is the
packet after the initial key exchange and doesn't require authentication.
This could be used for a Denial of Service (DoS) attack (CVE-2015-3146).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15861
• https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3146

SRPMS

4/core

• libssh-0.5.5-2.3.mga4