| 제목 | libssh.org libssh libssh < 0.11.4; < 0.12.0 Out-of-Bounds Read |
|---|
| 설명 | The functions `sftp_extensions_get_name()` and `sftp_extensions_get_data()` had a wrong bounds check allowing to overrun allocated buffer, when queried for the extension name or data at an index matching the amount of extensions. The functions are used internally by libssh, which does not overrun the buffer, but they can be also used by end user applications if they want to query support for specific extension they want to use.
This is programming error. Vulnerable applications could cause crashes or printing or making decisions on uninitialized/unexpected data, but these are not controlled by any malicious server. |
|---|
| 원천 | ⚠️ https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2026. 02. 25. AM 07:23 (1 월 ago) |
|---|
| 모더레이션 | 2026. 03. 07. PM 06:55 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 349709 [libssh 까지 0.11.3 SFTP Extension Name src/sftp.c sftp_extensions_get_name/sftp_extensions_get_data idx 정보 공개] |
|---|
| 포인트들 | 20 |
|---|