CVE-2016-10012 openssh: Bounds check evaded in shared memory manager with pre-authentication compression support - Connect IT Community | Kaseya
<main> <article class="userContent">
<h3 data-id="cve-id"><strong>CVE ID</strong></h3>
<p>CVE-2016-10012</p>
<h3 data-id="description"><strong>DESCRIPTION</strong></h3>
<p>It was found that the boundary checks in the code implementing support for pre-authentication compression could have been optimized out by certain compilers. An attacker able to compromise the privilege-separated process could possibly use this flaw for further attacks against the privileged monitor process.<br><br>In order to exploit this flaw, the attacker needs to first compromise the sandboxed privilege-separation process by using another security flaw. Because of this restriction for successful exploitation, this issue has been rated as having Low security impact. A future update to Red Hat Enterprise Linux 7 will address this flaw.</p>
<h3 data-id="resolution"><strong>RESOLUTION</strong></h3>
<p>CentOS6 openssh - Will not fix<br>CentOS7 openssh - Use openssh-7.4p1-11.el7.x86_64.rpm</p>
<h3 data-id="link-to-advisories"><strong>LINK TO ADVISORIES</strong></h3>
<ul>
<li><a rel="nofollow" href="https://nvd.nist.gov/vuln/detail/CVE-2016-10012">https://nvd.nist.gov/vuln/detail/CVE-2016-10012</a></li>
<li><a rel="nofollow" href="https://access.redhat.com/security/cve/cve-2016-10012">https://access.redhat.com/security/cve/cve-2016-10012</a></li>
<li><a rel="nofollow" href="https://access.redhat.com/errata/RHSA-2017:2029">https://access.redhat.com/errata/RHSA-2017:2029</a> (if CentOS7)</li>
</ul>
</article> </main>
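The class of flaw named in the description, as an added illustration in C (not OpenSSH's code and not part of the advisory): a range check that depends on pointer wraparound, beside a form a compiler cannot remove. The `region` struct, the function names and the sample arena are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical descriptor for a shared-memory region (not OpenSSH's struct). */
struct region { unsigned char *base; size_t size; };

/* Fragile: "end < addr" only fires if addr + len wraps, and pointer overflow
 * is undefined behaviour, so an optimizer may assume it never happens and
 * delete that test. Call this only with in-range arguments. */
static int range_ok_fragile(const struct region *r, const unsigned char *addr, size_t len)
{
    const unsigned char *end = addr + len;
    if (addr < r->base) return 0;
    if (end < addr) return 0;               /* candidate for removal */
    if (end > r->base + r->size) return 0;
    return 1;
}

/* Hardened: compare integer offsets and lengths; nothing can wrap, so the
 * compiler has no undefined behaviour to reason from. */
static int range_ok(const struct region *r, const unsigned char *addr, size_t len)
{
    uintptr_t base = (uintptr_t)r->base, a = (uintptr_t)addr;
    if (a < base) return 0;                 /* starts below the region */
    size_t off = (size_t)(a - base);
    if (off > r->size) return 0;            /* starts past the region */
    return len <= r->size - off;            /* length fits in what is left */
}

/* Constructed sample: a 32-byte region inside a 64-byte arena. */
static unsigned char arena[64];
static const struct region shm = { arena + 16, 32 };

static int request_ok(size_t arena_off, size_t len)
{
    return range_ok(&shm, arena + arena_off, len);
}

int main(void)
{
    printf("in range, fragile:   %d\n", range_ok_fragile(&shm, arena + 20, 8));
    printf("in range, hardened:  %d\n", request_ok(20, 8));
    printf("len = SIZE_MAX:      %d\n", request_ok(20, SIZE_MAX));
    return 0;
}
```

Whether the fragile comparison survives depends on the compiler and optimization level, so inspect the generated code rather than relying on a test run.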