CVE-2016-10011 - log back

CVE-2016-10011 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Information disclosure
Description
+ It was found that there is a theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such leak was observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users.
References
+ https://www.openssh.com/txt/release-7.4
+ http://seclists.org/oss-sec/2016/q4/705
Notes