Potential NULL dereference in libssh's sftp server
Low
## Vulnerability Details
A missing allocation check in the SFTP server code that processes read
requests may cause a NULL dereference under low-memory conditions. A malicious
client can request SFTP reads of up to 4GB, causing allocation of buffers of
up to 4GB, and the result of that allocation is not checked for failure.
## Impact
This will likely crash the authenticated user's SFTP server connection
(if the server is implemented as forking, as we recommend). For thread-based
servers, this might also cause a DoS for legitimate users.
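
The bug class described above, as an added example that is not libssh's code: a read handler that sizes its buffer from the client's length field, first without and then with the allocation check. All names, the in-memory "file", the injectable allocator and the `MAX_READ_LEN` cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* All names are hypothetical; this models the bug class, not libssh's source. */
#define MAX_READ_LEN (256u * 1024u) /* assumed per-request cap chosen by the server */
enum read_status { READ_OK, READ_EOF, READ_FAILURE };
typedef void *(*alloc_fn)(size_t);

/* Simulates a low-memory condition: every allocation fails. */
void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Copy up to n bytes of the in-memory "file" starting at offset. */
static size_t file_read(const uint8_t *file, size_t file_len, uint64_t offset,
                        uint8_t *dst, size_t n)
{
    if (offset >= file_len) return 0;
    size_t avail = file_len - (size_t)offset;
    if (n > avail) n = avail;
    memcpy(dst, file + offset, n);
    return n;
}

/* Vulnerable shape: buffer sized by the client, allocation result never checked. */
enum read_status read_unchecked(const uint8_t *file, size_t file_len, uint64_t offset,
                                uint32_t req_len, alloc_fn alloc, uint8_t **out, size_t *out_len)
{
    *out = alloc(req_len); /* client may ask for up to 4GB */
    *out_len = file_read(file, file_len, offset, *out, req_len); /* writes via NULL if alloc failed */
    return *out_len ? READ_OK : READ_EOF;
}

/* Hardened shape: clamp the length, check the allocation, report failure. */
enum read_status read_checked(const uint8_t *file, size_t file_len, uint64_t offset,
                              uint32_t req_len, alloc_fn alloc, uint8_t **out, size_t *out_len)
{
    size_t n = req_len > MAX_READ_LEN ? MAX_READ_LEN : req_len;
    *out_len = 0;
    *out = alloc(n ? n : 1);
    if (*out == NULL) return READ_FAILURE; /* send an error status, keep the session alive */
    *out_len = file_read(file, file_len, offset, *out, n);
    if (*out_len == 0) { free(*out); *out = NULL; return READ_EOF; }
    return READ_OK;
}

int main(void)
{
    uint8_t *b; size_t n; /* constructed 3-byte file, allocator forced to fail */
    return read_checked((const uint8_t *)"abc", 3, 0, UINT32_MAX, failing_alloc, &b, &n) != READ_FAILURE;
}
```

With the failing allocator, `read_checked` returns `READ_FAILURE` and the process keeps running, whereas `read_unchecked` would write through a NULL pointer on the same input.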
## Report Stats
- Report ID: 2070810
- State: Closed
- Substate: resolved
- Upvotes: 2