CVE-2016-10011 log
| Source |
|
| Severity | Low |
| Remote | No |
| Type | Information disclosure |
| Description | It was found that there is a theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such leak was observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-110 | openssh | 7.3p1-2 | 7.4p1-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 22 Dec 2016 | ASA-201612-20 | AVG-110 | openssh | Medium | multiple issues |
| References |
|---|
https://www.openssh.com/txt/release-7.4 http://seclists.org/oss-sec/2016/q4/705 |