70 matches found
GHSA-3PV8-6F4R-FFG2 tar has a PAX header desynchronization issue
Summary When a tar stream contains multiple "header" entries prior to a file entry, tar-rs applies the PAX header x to the next entry in the stream, regardless of type. For example, a stream of x - L - file PAX, GNU longname, file would result in x's extensions being applied to L rather than to...
tar has a PAX header desynchronization issue
Summary When a tar stream contains multiple "header" entries prior to a file entry, tar-rs applies the PAX header x to the next entry in the stream, regardless of type. For example, a stream of x - L - file PAX, GNU longname, file would result in x's extensions being applied to L rather than to...
Astra Linux - уязвимость в libtar
An attacker who submits a crafted tar file with a size of 0 in the header struct field may be able to trigger a call to malloc0 for the variable gnulongname, resulting in an out-of-bounds read...
libssh: libssh: Denial of Service due to malformed SFTP message
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...
libssh: libssh: Denial of Service due to malformed SFTP message
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: Fix for oops due to invalid pointer for kfree in parselongname This fix addresses a kernel oops that occurs when reading ceph snapshot directories .snap. For example, simply running ls /mnt/myceph/.snap can cause the issue...
Astra Linux - уязвимость в libtar
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects a NUL-terminated string. … And parselongname does not guarantee this. That’s why it uses kmemdupnul to create a NUL-terminated copy of the string for kstrtou64; The problem is that kstrtou64...
Astra Linux - уязвимость в libssh
A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...
Medium: libssh
Issue Overview: libssh OOB Read in sftpparselongname CVE-2026-0968 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.11.20260427 or dnf update --advisory ALAS2023-2026-1632 --releasever 2023.11.20260427 to update your system. More information on how to update you...
CLSA-2026-1776705065 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sanitize input handling in sftpparselongname to prevent OOB read when processing malformed SFTP longname fields, add unit tests...
CLSA-2026-1776703400 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sanitize input handling in sftpparselongname to prevent OOB read when processing malformed SFTP longname fields, add unit tests...
CLSA-2026-1776701249 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sanitize input handling in sftpparselongname to prevent OOB read when processing malformed SFTP longname fields, add unit tests...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. CVE-2026-0964: SCP protocol path traversal in sshscppullrequest bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected...
SUSE-SU-2026:1344-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path traversal in sshscppullrequest bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected...
CLSA-2026-1776181240 libssh: Fix of CVE-2026-0968
Fix CVE-2026-0968 - sftpparselongname out-of-bounds access...
CLSA-2026-1776178207 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sftpparselongname out-of-bounds access...
CVE-2026-0968
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...
CVE-2026-0968
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...
CVE-2026-0968 Libssh: libssh: denial of service due to malformed sftp message
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...