Vulnerability Description
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user's sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users. Given this code is not in any released versions, no security releases have been issued.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libssh | Libssh | < 0.8.9 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/security/cve/CVE-2023-3603Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2221791Issue TrackingThird Party Advisory
- https://access.redhat.com/security/cve/CVE-2023-3603Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2221791Issue TrackingThird Party Advisory
FAQ
What is CVE-2023-3603?
CVE-2023-3603 is a vulnerability with a CVSS score of 3.1 (LOW). A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of u...
How severe is CVE-2023-3603?
CVE-2023-3603 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3603?
Check the references section above for vendor advisories and patch information. Affected products include: Libssh Libssh.