FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- OpenSSH Remote Denial of Service vulnerability

Affected packages
openssh-portable < 7.3p1_1
11.0 <= FreeBSD < 11.0_3
10.3 <= FreeBSD < 10.3_12

Details

VuXML ID 6a2cfcdc-9dea-11e6-a298-14dae9d210b8
Discovery 2016-10-19
Entry 2016-10-29
Modified 2016-11-02

Problem Description:

When processing the SSH_MSG_KEXINIT message, the server could allocate up to a few hundred megabytes of memory per connection, before any authentication takes place.

Impact:

A remote attacker may be able to cause an SSH server to allocate an excessive amount of memory. Note that the default MaxStartups setting on FreeBSD will limit the effectiveness of this attack.
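To see how much MaxStartups actually bounds pre-authentication connections, the following added example (not part of the advisory or of OpenSSH) parses the directive from sshd_config text and models the random early drop ramp documented in sshd_config(5): connections are refused with probability rate/100 once `start` unauthenticated connections exist, rising linearly to 100% at `full`. The sample config and all function names are constructed for this illustration.

```python
import re
from dataclasses import dataclass

DEFAULT_MAX_STARTUPS = "10:30:100"  # sshd's documented default for MaxStartups


@dataclass(frozen=True)
class MaxStartups:
    start: int  # unauthenticated connections at which random early drop begins
    rate: int   # drop probability in percent at exactly `start` connections
    full: int   # all new connections are refused at this many


def parse_max_startups(value: str) -> MaxStartups:
    """Parse a MaxStartups value: either 'N' (hard cap) or 'start:rate:full'."""
    parts = value.strip().split(":")
    if len(parts) == 1:
        n = int(parts[0])
        return MaxStartups(start=n, rate=100, full=n)  # single value: hard cap
    if len(parts) != 3:
        raise ValueError(f"malformed MaxStartups value: {value!r}")
    start, rate, full = (int(p) for p in parts)
    if start > full or not 1 <= rate <= 100:
        raise ValueError(f"invalid MaxStartups value: {value!r}")
    return MaxStartups(start, rate, full)


def max_startups_from_config(sshd_config: str) -> MaxStartups:
    """Effective MaxStartups for sshd_config text; first match wins, default if unset."""
    for line in sshd_config.splitlines():
        m = re.match(r"^\s*MaxStartups\s+(\S+)", line, re.IGNORECASE)
        if m:
            return parse_max_startups(m.group(1))
    return parse_max_startups(DEFAULT_MAX_STARTUPS)


def drop_probability(cfg: MaxStartups, unauth_connections: int) -> float:
    """Probability that sshd refuses a new connection when `unauth_connections`
    are already in the pre-auth phase (linear ramp between start and full)."""
    if unauth_connections < cfg.start:
        return 0.0
    if unauth_connections >= cfg.full:
        return 1.0
    ramp = (100 - cfg.rate) * (unauth_connections - cfg.start) / (cfg.full - cfg.start)
    return (cfg.rate + ramp) / 100.0


# Constructed sample: the directive is commented out, so sshd's default applies.
SAMPLE_SSHD_CONFIG = """\
# sshd_config (constructed sample)
Port 22
#MaxStartups 10:30:100
PermitRootLogin no
"""
```

With the default in effect, at most `full` (100) connections can sit in the KEXINIT phase at once, which is the figure to multiply by the per-connection allocation when sizing the worst case for this issue.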

References

CVE Name CVE-2016-8858
FreeBSD Advisory SA-16:33.openssh
URL http://seclists.org/oss-sec/2016/q4/191