VDB
GCVE-110-MAGEIA-2016-22
GCVE-110-MAGEIA-2016-22
Advisory Published
An information leak flaw was found in the way the OpenSSH client roaming
feature was implemented. A malicious server could potentially use this flaw to
leak portions of memory (possibly including private SSH keys) of a
successfully authenticated OpenSSH client (CVE-2016-0777).
A buffer overflow flaw was found in the way the OpenSSH client roaming feature
was implemented. A malicious server could potentially use this flaw to execute
arbitrary code on a successfully authenticated OpenSSH client if that client
used certain non-default configuration options (CVE-2016-0778).
The issue only affects OpenSSH clients making use of the ProxyCommand feature.
This update disables the roaming feature completely.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | openssh | 0 (affected), 6.6p1-5.6.mga5 (unaffected), 0 (affected), 6.6p1-5.6.mga5 (unaffected) | — |
| Mageia | lxde-common | 0 (affected), 0.99.0-9.3.mga5 (unaffected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.