Libssh: missing checks for return values for digests
CVE-2023-6918

5.3MEDIUM

Key Information:

Vendor: Red Hat
Status: libssh; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8
Vendor: CVE Published:; 19 December 2023

Summary

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.

Affected Version(s)

libssh 0.9.8

libssh 0.10.6

References

https://access.redhat.com/security/cve/CVE-2023-6918

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2254997

issue-trackingx_refsource_REDHAT

https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 19, 2023
Vulnerability Reserved
Dec 18, 2023

Credit

Red Hat would like to thank Jack Weinstein (<[email protected]>) for reporting this issue.