CVE-2019-17498
- Source
- https://cve.org/CVERecord?id=CVE-2019-17498
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-17498.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-17498
- Downstream
- Related
- Published
- 2019-10-21T22:15:10.523Z
- Modified
- 2026-05-15T12:03:42.899508107Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" ], "vendor_product": "debian:debian_linux", "extracted_events": [ { "last_affected": "8.0" }, { "last_affected": "9.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" ], "vendor_product": "fedoraproject:fedora", "extracted_events": [ { "last_affected": "30" }, { "last_affected": "31" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*" ], "vendor_product": "libssh2:libssh2", "extracted_events": [ { "last_affected": "1.9.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" ], "vendor_product": "opensuse:leap", "extracted_events": [ { "last_affected": "15.1" } ] } ] }- References
-
- http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html
- https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html
- https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html
- https://security.netapp.com/advisory/ntap-20220909-0004/
- https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c
- https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
- https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498
- https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480