#VU84540 Unchecked Return Value in libssh - CVE-2023-6918

Cybersecurity Help s.r.o.

Published: 2023-12-19

Vulnerability identifier: #VU84540

Vulnerability risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6918

CWE-ID: CWE-252

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libssh
Universal components / Libraries / Libraries used by multiple products

Vendor: libssh

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to libssh does not check for returned values of message digest (MD) operations in low memory conditions. A remote attacker can terminate the connection or force the library to use weak keys.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libssh: 0.3.0 - 0.10.5

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2254997
https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
https://www.libssh.org/security/advisories/CVE-2023-6918.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Multicluster Engine for Kubernetes 2.7

Anolis OS update for libssh

Fedora EPEL 10.0 update for libssh2

Fedora EPEL 10.1 update for libssh2

Fedora 40 update for libssh2

Fedora 41 update for libssh2

Multiple vulnerabilities in Dell PowerStore T Family

Multiple vulnerabilities in IBM Power Hardware Management Console (HMC)

Multiple vulnerabilities in Dell PowerStore X

Multiple vulnerabilities in IBM QRadar SIEM