CVE-2016-10012 log

Severity Low
Remote Yes
Type Insufficient validation
It was found that the shared memory manager used by pre-authentication compression support had a bounds checks that could be elided by some optimizing compilers. Additionally, this memory manager was incorrectly accessible when pre-authentication compression was disabled. This could potentially allow attacks against the privileged monitor process from the sandboxed privilege-separation process (a compromise of the latter would be required first).
Group Package Affected Fixed Severity Status Ticket
AVG-110 openssh 7.3p1-2 7.4p1-1 Medium Fixed
Date Advisory Group Package Severity Type
22 Dec 2016 ASA-201612-20 AVG-110 openssh Medium multiple issues