CLSA-2026-1778788223 libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...

JLSEC-2025-202 A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware M...

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3861)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin on...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through handling of RTP packets in the NewPacket function of packetfactory.go. An attacker can trigger a panic in the system by sending malformed RTP packets containing a padding size...

K15637: GnuTLS vulnerability CVE-2013-2116

Security Advisory Description The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. CVE-2013-2116...

SUSE CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

SUSE CVE-2013-2116

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

DEBIAN-CVE-2020-16150

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

CVE-2020-16150

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

CVE-2020-16150

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS

Manuel Pégourié-Gonnard reports: When decrypting/authenticating DTLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension RFC 7366, Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the...

CVE-2014-2897

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0252)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attack...

libssh2: Out-of-bounds reads with specially crafted SSH packets

An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory...

DEBIAN-CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

ALPINE-CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

UBUNTU-CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Re...

krb5: denial of service flaws when handling padding length longer than the plaintext

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application...