Buffer Overflow Vulnerability in OpenSSH's Shared Memory Manager
CVE-2016-10012

7.8HIGH

Key Information:

Vendor
OpenBSD
Status
Openssh
Vendor
CVE Published:
5 January 2017

Summary

The shared memory manager in OpenSSH prior to version 7.4 contains a vulnerability that fails to adequately enforce bounds checks across various compilers. This can potentially allow local users to exploit the system by leveraging access to a sandboxed privilege-separation process. The vulnerability is associated with the management of the m_zback and m_zlib data structures, posing a significant risk for user privilege escalation.

References

https://security.netapp.com/advisory/ntap-20171130-0002/
http://www.openwall.com/lists/oss-security/2016/12/19/2
mailing-list
http://www.securitytracker.com/id/1037490
vdb-entry

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.