libssh-devel-0.7.2-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10036-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libssh-devel-0.7.2-2.1 on GA media These are all security issues fixed in the libssh-devel-0.7.2-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10036 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2012-4559/ SUSE CVE CVE-2012-4559 page https://www.suse.com/security/cve/CVE-2012-4560/ SUSE CVE CVE-2012-4560 page https://www.suse.com/security/cve/CVE-2012-4561/ SUSE CVE CVE-2012-4561 page https://www.suse.com/security/cve/CVE-2013-0176/ SUSE CVE CVE-2013-0176 page https://www.suse.com/security/cve/CVE-2014-0017/ SUSE CVE CVE-2014-0017 page https://www.suse.com/security/cve/CVE-2014-8132/ SUSE CVE CVE-2014-8132 page https://www.suse.com/security/cve/CVE-2015-3146/ SUSE CVE CVE-2015-3146 page openSUSE Tumbleweed libssh-devel-0.7.2-2.1 libssh-devel-doc-0.7.2-2.1 libssh4-0.7.2-2.1 libssh4-32bit-0.7.2-2.1 libssh-devel-0.7.2-2.1 as a component of openSUSE Tumbleweed libssh-devel-doc-0.7.2-2.1 as a component of openSUSE Tumbleweed libssh4-0.7.2-2.1 as a component of openSUSE Tumbleweed libssh4-32bit-0.7.2-2.1 as a component of openSUSE Tumbleweed Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. CVE-2012-4559 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4559.html CVE-2012-4559 https://bugzilla.suse.com/789827 SUSE Bug 789827 Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. CVE-2012-4560 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4560.html CVE-2012-4560 https://bugzilla.suse.com/789827 SUSE Bug 789827 The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors. CVE-2012-4561 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4561.html CVE-2012-4561 https://bugzilla.suse.com/789827 SUSE Bug 789827 The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet. CVE-2013-0176 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0176.html CVE-2013-0176 https://bugzilla.suse.com/802631 SUSE Bug 802631 https://bugzilla.suse.com/928323 SUSE Bug 928323 The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision. CVE-2014-0017 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-0017.html CVE-2014-0017 https://bugzilla.suse.com/866278 SUSE Bug 866278 https://bugzilla.suse.com/866286 SUSE Bug 866286 Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet. CVE-2014-8132 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-8132.html CVE-2014-8132 https://bugzilla.suse.com/910790 SUSE Bug 910790 https://bugzilla.suse.com/928323 SUSE Bug 928323 The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet. CVE-2015-3146 openSUSE Tumbleweed:libssh-devel-0.7.2-2.1 openSUSE Tumbleweed:libssh-devel-doc-0.7.2-2.1 openSUSE Tumbleweed:libssh4-0.7.2-2.1 openSUSE Tumbleweed:libssh4-32bit-0.7.2-2.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3146.html CVE-2015-3146 https://bugzilla.suse.com/928323 SUSE Bug 928323