What is GHSA-xcgr-wv7g-4j33?

GHSA-xcgr-wv7g-4j33 is a security advisory published by GitHub Security Advisories with Medium severity. authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on...

Which CVE IDs does GHSA-xcgr-wv7g-4j33 cover?

GHSA-xcgr-wv7g-4j33 covers the following CVE IDs: CVE-2016-10011. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-xcgr-wv7g-4j33?

GHSA-xcgr-wv7g-4j33 has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-xcgr-wv7g-4j33MediumCVSS 5.5

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on...

Vendor

GitHub Security Advisories

Published

May 13, 2022

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2016-10011 →

📋 Description

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

🔗 References (14)

https://nvd.nist.gov/vuln/detail/CVE-2016-10011
https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9
https://access.redhat.com/errata/RHSA-2017:2029
https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
https://www.openssh.com/txt/release-7.4
http://www.openwall.com/lists/oss-security/2016/12/19/2
http://www.securityfocus.com/bid/94977
http://www.securitytracker.com/id/1037490
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://security.netapp.com/advisory/ntap-20171130-0002
https://github.com/advisories/GHSA-xcgr-wv7g-4j33