BSA-2019-764
21647
21 March 2019
21 March 2019
Closed
Low
4.0
Yes
CVE-2015-6564
Summary
Security Advisory ID : BSA-2019-764
Component : OpenSSH
Revision : 1.0: Final
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
Affected Products
Brocade Fabric OS - Impacted : Fixed in v7.4.2, v7.4.1d, v8.1.0 and later releases.
Products Confirmed Not Vulnerable
Brocade Network Advisor, Brocade SANnav
Workaround
Limit access to management interface using firewall and/or ipfilter.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | March 21, 2019 |