Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Oct 2016 01:36:31 +0000
From: 石磊 <shilei-c@....cn>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
CC: "cve-assign@...re.org" <cve-assign@...re.org>
Subject: CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH

Hi,

The OpenSSH has a memory exhaustion bug in key exchange process.
An unauthenticated peer could repeat the KEXINIT and cause allocation of up to 384MB(not 128MB that the official said).
In the default case, an attacker can build 100 such connections, which will consume 38400 MB of memory on the server.

The patch is here:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup


--
Regards,

Shi Lei / Gear Team, Qihoo 360 Inc.
GPG Key ID 37048936 / 5C4C 85C6 068C A5A0 23FA  0294 D9CE 9C25 3704 8936

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.