libssh: out-of-bounds read in sftp_handle()

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...

PT-2024-40265 · Libafl · Libafl

Name of the Vulnerable Software and Affected Versions: LibAFL versions prior to 0.11.2 Description: The issue arises from the misuse of the slice::from raw parts mut API, where a pointer is misaligned due to a direct cast from u8 to u16 raw pointer, leading to unsound behavior. The problem is...