Memory Management Flaw in libssh Versions Impacting Secure Shell Protocols
CVE-2021-3634

6.5MEDIUM

Key Information:

Vendor: Libssh
Status: Libssh
Vendor: CVE Published:; 31 August 2021

What is CVE-2021-3634?

A vulnerability exists in libssh versions prior to 0.9.6 due to improper management of session identifiers during SSH protocol key re-exchange. The flawed memory handling allows the session_id buffer to retain previous values, leading to potential issues when a new secret_hash of differing size is created. This misalignment can compromise the integrity of secure sessions, allowing attackers to exploit the SSH protocol more effectively if not addressed.

Affected Version(s)

libssh libssh 0.9.6

References

https://bugzilla.redhat.com/show_bug.cgi?id=1978810

https://www.debian.org/security/2021/dsa-4965

vendor-advisory

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 31, 2021
Vulnerability Reserved
Jul 2, 2021

JSON

Libssh

What is CVE-2021-3634?

Affected Version(s)

References

CVSS V3.1

Timeline