vulnerability
Red Hat: CVE-2019-3863: CVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Mar 25, 2019 | Mar 29, 2019 | Mar 27, 2026 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 25, 2019
Added
Mar 29, 2019
Modified
Mar 27, 2026
Description
A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing in an out of bounds memory write error.
Solutions
redhat-upgrade-hivexredhat-upgrade-hivex-debuginforedhat-upgrade-hivex-debugsourceredhat-upgrade-hivex-develredhat-upgrade-libguestfsredhat-upgrade-libguestfs-bash-completionredhat-upgrade-libguestfs-benchmarkingredhat-upgrade-libguestfs-benchmarking-debuginforedhat-upgrade-libguestfs-debuginforedhat-upgrade-libguestfs-debugsourceredhat-upgrade-libguestfs-develredhat-upgrade-libguestfs-gfs2redhat-upgrade-libguestfs-gobjectredhat-upgrade-libguestfs-gobject-debuginforedhat-upgrade-libguestfs-gobject-develredhat-upgrade-libguestfs-inspect-iconsredhat-upgrade-libguestfs-javaredhat-upgrade-libguestfs-java-debuginforedhat-upgrade-libguestfs-java-develredhat-upgrade-libguestfs-javadocredhat-upgrade-libguestfs-man-pages-jaredhat-upgrade-libguestfs-man-pages-ukredhat-upgrade-libguestfs-rescueredhat-upgrade-libguestfs-rsyncredhat-upgrade-libguestfs-toolsredhat-upgrade-libguestfs-tools-credhat-upgrade-libguestfs-tools-c-debuginforedhat-upgrade-libguestfs-winsupportredhat-upgrade-libguestfs-xfsredhat-upgrade-libiscsiredhat-upgrade-libiscsi-debuginforedhat-upgrade-libiscsi-debugsourceredhat-upgrade-libiscsi-develredhat-upgrade-libiscsi-utilsredhat-upgrade-libiscsi-utils-debuginforedhat-upgrade-libssh2redhat-upgrade-libssh2-debuginforedhat-upgrade-libssh2-debugsourceredhat-upgrade-libssh2-develredhat-upgrade-libssh2-docsredhat-upgrade-libvirtredhat-upgrade-libvirt-adminredhat-upgrade-libvirt-admin-debuginforedhat-upgrade-libvirt-bash-completionredhat-upgrade-libvirt-clientredhat-upgrade-libvirt-client-debuginforedhat-upgrade-libvirt-daemonredhat-upgrade-libvirt-daemon-config-networkredhat-upgrade-libvirt-daemon-config-nwfilterredhat-upgrade-libvirt-daemon-debuginforedhat-upgrade-libvirt-daemon-driver-interfaceredhat-upgrade-libvirt-daemon-driver-interface-debuginforedhat-upgrade-libvirt-daemon-driver-networkredhat-upgrade-libvirt-daemon-driver-network-debuginforedhat-upgrade-libvirt-daemon-driver-nodedevredhat-upgrade-libvirt-daemon-driver-nodedev-debuginforedhat-upgrade-libvirt-daemon-driver-nwfilterredhat-upgrade-libvirt-daemon-driver-nwfilter-debuginforedhat-upgrade-libvirt-daemon-driver-qemuredhat-upgrade-libvirt-daemon-driver-qemu-debuginforedhat-upgrade-libvirt-daemon-driver-secretredhat-upgrade-libvirt-daemon-driver-secret-debuginforedhat-upgrade-libvirt-daemon-driver-storageredhat-upgrade-libvirt-daemon-driver-storage-coreredhat-upgrade-libvirt-daemon-driver-storage-core-debuginforedhat-upgrade-libvirt-daemon-driver-storage-diskredhat-upgrade-libvirt-daemon-driver-storage-disk-debuginforedhat-upgrade-libvirt-daemon-driver-storage-glusterredhat-upgrade-libvirt-daemon-driver-storage-gluster-debuginforedhat-upgrade-libvirt-daemon-driver-storage-iscsiredhat-upgrade-libvirt-daemon-driver-storage-iscsi-debuginforedhat-upgrade-libvirt-daemon-driver-storage-logicalredhat-upgrade-libvirt-daemon-driver-storage-logical-debuginforedhat-upgrade-libvirt-daemon-driver-storage-mpathredhat-upgrade-libvirt-daemon-driver-storage-mpath-debuginforedhat-upgrade-libvirt-daemon-driver-storage-rbdredhat-upgrade-libvirt-daemon-driver-storage-rbd-debuginforedhat-upgrade-libvirt-daemon-driver-storage-scsiredhat-upgrade-libvirt-daemon-driver-storage-scsi-debuginforedhat-upgrade-libvirt-daemon-kvmredhat-upgrade-libvirt-dbusredhat-upgrade-libvirt-dbus-debuginforedhat-upgrade-libvirt-dbus-debugsourceredhat-upgrade-libvirt-debuginforedhat-upgrade-libvirt-debugsourceredhat-upgrade-libvirt-develredhat-upgrade-libvirt-docsredhat-upgrade-libvirt-libsredhat-upgrade-libvirt-libs-debuginforedhat-upgrade-libvirt-lock-sanlockredhat-upgrade-libvirt-lock-sanlock-debuginforedhat-upgrade-libvirt-nssredhat-upgrade-libvirt-nss-debuginforedhat-upgrade-lua-guestfsredhat-upgrade-lua-guestfs-debuginforedhat-upgrade-nbdkitredhat-upgrade-nbdkit-bash-completionredhat-upgrade-nbdkit-basic-pluginsredhat-upgrade-nbdkit-basic-plugins-debuginforedhat-upgrade-nbdkit-debuginforedhat-upgrade-nbdkit-debugsourceredhat-upgrade-nbdkit-develredhat-upgrade-nbdkit-example-pluginsredhat-upgrade-nbdkit-example-plugins-debuginforedhat-upgrade-nbdkit-plugin-gzipredhat-upgrade-nbdkit-plugin-gzip-debuginforedhat-upgrade-nbdkit-plugin-python-commonredhat-upgrade-nbdkit-plugin-python3redhat-upgrade-nbdkit-plugin-python3-debuginforedhat-upgrade-nbdkit-plugin-vddkredhat-upgrade-nbdkit-plugin-vddk-debuginforedhat-upgrade-nbdkit-plugin-xzredhat-upgrade-nbdkit-plugin-xz-debuginforedhat-upgrade-netcfredhat-upgrade-netcf-debuginforedhat-upgrade-netcf-debugsourceredhat-upgrade-netcf-develredhat-upgrade-netcf-libsredhat-upgrade-netcf-libs-debuginforedhat-upgrade-perl-hivexredhat-upgrade-perl-hivex-debuginforedhat-upgrade-perl-sys-guestfsredhat-upgrade-perl-sys-guestfs-debuginforedhat-upgrade-perl-sys-virtredhat-upgrade-perl-sys-virt-debuginforedhat-upgrade-perl-sys-virt-debugsourceredhat-upgrade-python3-hivexredhat-upgrade-python3-hivex-debuginforedhat-upgrade-python3-libguestfsredhat-upgrade-python3-libguestfs-debuginforedhat-upgrade-python3-libvirtredhat-upgrade-python3-libvirt-debuginforedhat-upgrade-qemu-guest-agentredhat-upgrade-qemu-guest-agent-debuginforedhat-upgrade-qemu-imgredhat-upgrade-qemu-img-debuginforedhat-upgrade-qemu-kvmredhat-upgrade-qemu-kvm-block-curlredhat-upgrade-qemu-kvm-block-curl-debuginforedhat-upgrade-qemu-kvm-block-glusterredhat-upgrade-qemu-kvm-block-gluster-debuginforedhat-upgrade-qemu-kvm-block-iscsiredhat-upgrade-qemu-kvm-block-iscsi-debuginforedhat-upgrade-qemu-kvm-block-rbdredhat-upgrade-qemu-kvm-block-rbd-debuginforedhat-upgrade-qemu-kvm-block-sshredhat-upgrade-qemu-kvm-block-ssh-debuginforedhat-upgrade-qemu-kvm-commonredhat-upgrade-qemu-kvm-common-debuginforedhat-upgrade-qemu-kvm-coreredhat-upgrade-qemu-kvm-core-debuginforedhat-upgrade-qemu-kvm-debuginforedhat-upgrade-qemu-kvm-debugsourceredhat-upgrade-ruby-hivexredhat-upgrade-ruby-hivex-debuginforedhat-upgrade-ruby-libguestfsredhat-upgrade-ruby-libguestfs-debuginforedhat-upgrade-seabiosredhat-upgrade-seabios-binredhat-upgrade-seavgabios-binredhat-upgrade-sgabiosredhat-upgrade-sgabios-binredhat-upgrade-slofredhat-upgrade-superminredhat-upgrade-supermin-debuginforedhat-upgrade-supermin-debugsourceredhat-upgrade-supermin-develredhat-upgrade-virt-dibredhat-upgrade-virt-dib-debuginforedhat-upgrade-virt-p2v-makerredhat-upgrade-virt-v2vredhat-upgrade-virt-v2v-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.