authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
References
Configurations
History
13 Dec 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Sep 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-01-05 02:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-10011
Mitre link : CVE-2016-10011
CVE.ORG link : CVE-2016-10011
JSON object : View
Products Affected
openbsd
- openssh
CWE
CWE-320
Key Management Errors