---

CVE-2016-10011 - log back

CVE-2016-10011 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Local
Type	+ Information disclosure
Description	+ It was found that there is a theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such leak was observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users.
References	+ https://www.openssh.com/txt/release-7.4 + http://seclists.org/oss-sec/2016/q4/705
Notes