CVE-2016-10011
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-10011
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10011.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-10011
- Downstream
- Related
- Published
- 2017-01-05T02:59:03Z
- Modified
- 2025-10-21T12:34:07Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
- References
-
- http://www.openwall.com/lists/oss-security/2016/12/19/2
- https://access.redhat.com/errata/RHSA-2017:2029
- https://security.netapp.com/advisory/ntap-20171130-0002/
- https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9
- http://www.securityfocus.com/bid/94977
- http://www.securitytracker.com/id/1037490
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
- https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
- https://www.openssh.com/txt/release-7.4
Affected packages
Git / github.com/openbsd/src
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openbsd/src
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"id": "CVE-2016-10011-0f8d3ee9",
"deprecated": false,
"digest": {
"line_hashes": [
"75525643093109034731553590261460840776",
"318455587152355419279819460226454456672",
"50390910067941858906014107870040528870",
"139459360037284384696710180020572442073",
"205445149505529878645094192427186871953",
"96170179190694496588613694385243789956",
"194186241473440258314860828432865186262",
"32910386434020412082145462822199810540",
"179250248721199213409874908512478678912",
"292351879166569457427476217505415422074"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "usr.bin/ssh/authfile.c"
},
"source": "https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9",
"signature_type": "Line"
},
{
"id": "CVE-2016-10011-c83da3a4",
"deprecated": false,
"digest": {
"length": 886.0,
"function_hash": "131967150470127632179863844496832158061"
},
"signature_version": "v1",
"target": {
"function": "sshkey_load_file",
"file": "usr.bin/ssh/authfile.c"
},
"source": "https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9",
"signature_type": "Function"
}
]