VDB

GCVE-110-MAGEIA-2016-22

GCVE-110-MAGEIA-2016-22
Advisory Published
Vulnetix · Advisory published January 15, 2016
An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory (possibly including private SSH keys) of a successfully authenticated OpenSSH client (CVE-2016-0777). A buffer overflow flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to execute arbitrary code on a successfully authenticated OpenSSH client if that client used certain non-default configuration options (CVE-2016-0778). The issue only affects OpenSSH clients making use of the ProxyCommand feature. This update disables the roaming feature completely.

Affected Products

VendorProductVersionsPlatforms
Mageiaopenssh0 (affected), 6.6p1-5.6.mga5 (unaffected), 0 (affected), 6.6p1-5.6.mga5 (unaffected)
Mageialxde-common0 (affected), 0.99.0-9.3.mga5 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›