| Título | libssh.org libssh libssh < 0.11.4; < 0.12.0 Out-of-Bounds Read |
|---|
| Descrição | The functions `sftp_extensions_get_name()` and `sftp_extensions_get_data()` had a wrong bounds check allowing to overrun allocated buffer, when queried for the extension name or data at an index matching the amount of extensions. The functions are used internally by libssh, which does not overrun the buffer, but they can be also used by end user applications if they want to query support for specific extension they want to use.
This is programming error. Vulnerable applications could cause crashes or printing or making decisions on uninitialized/unexpected data, but these are not controlled by any malicious server. |
|---|
| Fonte | ⚠️ https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt |
|---|
| Utilizador | Anonymous User |
|---|
| Submissão | 25/02/2026 07h23 (há 2 meses) |
|---|
| Moderação | 07/03/2026 18h55 (10 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 349709 [libssh até 0.11.3 SFTP Extension Name src/sftp.c sftp_extensions_get_name/sftp_extensions_get_data idx Divulgação de Informação] |
|---|
| Pontos | 20 |
|---|