{"id":"CVE-2023-2283","details":"A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function when memory allocation problems occur. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc`, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible`. The value of the variable is not changed between this point and the cryptographic verification. Therefore, any error between them calls `goto error`, returning SSH_OK even though the signature was never verified.","modified":"2026-04-16T00:06:11.651749845Z","published":"2023-05-26T18:15:13.770Z","related":["ALSA-2023:3839","ALSA-2023:6643","SUSE-SU-2024:0140-1","SUSE-SU-2024:0525-1","SUSE-SU-2024:0539-1","openSUSE-SU-2024:12914-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"37"}],"cpe":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"8.0"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"9.0"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/172861/libssh-0.9.6-0.10.4-pki_verify_data_signature-Authorization-Bypass.html"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Feb/18"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-2283"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202312-05"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240201-0005/"},{"type":"ADVISORY","url":"https://www.libssh.org/security/advisories/CVE-2023-2283.txt"},{"
type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2189736"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/libssh/libssh-mirror","events":[{"introduced":"67c0ce3d219a1565491c30d6e5815a73eaea70a4"},{"last_affected":"da6d026c125712d197479a7930b4efc117bfe7af"},{"introduced":"7f6b3fab4e8d4b97e73d5ca60ddc5a3d0f5880d2"},{"last_affected":"e8322817a9e5aaef0698d779ddd467a209a85d85"}],"database_specific":{"extracted_events":[{"introduced":"0.9.1"},{"last_affected":"0.9.6"},{"introduced":"0.10.0"},{"last_affected":"0.10.4"}],"cpe":"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["libssh-0.10.0","libssh-0.10.2","libssh-0.10.3","libssh-0.10.4","libssh-0.9.1","libssh-0.9.2","libssh-0.9.3","libssh-0.9.4","libssh-0.9.5","libssh-0.9.6"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-2283.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}