CVE-2019-17498

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-17498
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-17498.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-17498
Published
2019-10-21T22:15:10Z
Modified
2025-10-15T10:32:41.675890Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Summary
[none]
Details

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

Affected packages

Git / github.com/libssh2/libssh2

Affected ranges

Type
GIT
Repo
https://github.com/libssh2/libssh2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

RELEASE.*

RELEASE.0.1
RELEASE.0.10
RELEASE.0.11
RELEASE.0.12
RELEASE.0.13
RELEASE.0.14
RELEASE.0.15
RELEASE.0.16
RELEASE.0.17
RELEASE.0.18
RELEASE.0.3
RELEASE.0.5
RELEASE.0.6
RELEASE.0.7
RELEASE.0.8
RELEASE.1.0
RELEASE.1.1

beforenb-0.*

beforenb-0.14

beforenb2-0.*

beforenb2-0.14

libssh2-1.*

libssh2-1.2
libssh2-1.2.1
libssh2-1.2.2
libssh2-1.2.3
libssh2-1.2.4
libssh2-1.2.5
libssh2-1.2.6
libssh2-1.2.7
libssh2-1.2.8
libssh2-1.2.9
libssh2-1.3.0
libssh2-1.4.0
libssh2-1.4.1
libssh2-1.4.2
libssh2-1.4.3
libssh2-1.5.0
libssh2-1.6.0
libssh2-1.7.0
libssh2-1.8.0
libssh2-1.9.0

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c",
        "signature_type": "Function",
        "digest": {
            "function_hash": "261505088534266311445285255293331755792",
            "length": 12097.0
        },
        "target": {
            "file": "src/packet.c",
            "function": "_libssh2_packet_add"
        },
        "id": "CVE-2019-17498-4ecb2cf7"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
            ]
        },
        "target": {
            "file": "src/packet.c"
        },
        "id": "CVE-2019-17498-53d4378e"
    }
]