CVE-2016-0778

Publication date 14 January 2016

Last updated 24 July 2024


Ubuntu priority

CVSS 3 Severity Score

8.1 · High

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

Status

Package   Ubuntu Release       Status
openssh   15.10 wily           Fixed 1:6.9p1-2ubuntu0.1
openssh   15.04 vivid          Fixed 1:6.7p1-5ubuntu1.4
openssh   14.04 LTS trusty     Fixed 1:6.6p1-2ubuntu2.4
openssh   12.04 LTS precise    Fixed 1:5.9p1-5ubuntu1.8

Severity score breakdown

Parameter Value
Base score 8.1 · High
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H