| Название | libssh.org libssh libssh < 0.11.4; < 0.12.0 Out-of-Bounds Read |
|---|
| Описание | The functions `sftp_extensions_get_name()` and `sftp_extensions_get_data()` had a wrong bounds check allowing to overrun allocated buffer, when queried for the extension name or data at an index matching the amount of extensions. The functions are used internally by libssh, which does not overrun the buffer, but they can be also used by end user applications if they want to query support for specific extension they want to use.
This is programming error. Vulnerable applications could cause crashes or printing or making decisions on uninitialized/unexpected data, but these are not controlled by any malicious server. |
|---|
| Источник | ⚠️ https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt |
|---|
| Пользователь | Anonymous User |
|---|
| Представление | 25.02.2026 07:23 (2 месяцы назад) |
|---|
| Модерация | 07.03.2026 18:55 (10 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 349709 [libssh до 0.11.3 SFTP Extension Name src/sftp.c sftp_extensions_get_name/sftp_extensions_get_data idx раскрытие информации] |
|---|
| Баллы | 20 |
|---|