CVE-2016-10011
Published
CVSS v3
N/A
CVSS v2
2.1
LOW
Affected
1
PROJECT
Description
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.
GitHub