Vulnerability Note VU#456088

OpenSSH Client contains a client information leak vulnerability and buffer overflow

Original Release date: 14 Jan 2016 | Last revised: 20 Jan 2016


OpenSSH client code versions 5.4 through 7.1p1 contains a client information leak vulnerability that could allow an OpenSSH client to leak information not limited to but including private keys, as well as a buffer overflow in certain non-default configurations.


CWE-200: Information Exposure - CVE-2016-0777

According to the OpenSSH release notes for version 7.1p2 :

     The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming).

    The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys.

    The authentication of the server host key prevents exploitation by a man-in-the-middle, so this information leak is restricted to connections to malicious or compromised servers.

CWE-122: Heap-based Buffer Overflow - CVE-2016-0778

According to Qualys, the API functions packet_write_wait() and ssh_packet_write_wait() may overflow in some scenarios after a successful reconnection.

Qualys also notes that:
    The buffer overflow, on the other hand, is present in the default configuration of the OpenSSH client but its exploitation requires two non-default options: a ProxyCommand, and either ForwardAgent (-A) or ForwardX11 (-X). This buffer overflow is therefore unlikely to have any real-world impact, but provides a particularly interesting case study.

For more information, please see Qualys's advisory. The CVSS score below is based on CVE-2016-0777.


A user that authenticates to a malicious or compromised server may reveal private data, including the user's private SSH key, or cause a buffer overflow that may lead to remote code execution in certain non-default configurations.


Apply an update

OpenSSH 7.1p2 has released to address these issues. Affected users are recommended to update as soon as possible.

If update is currently not an option, you may consider the following workaround:

Disable the 'UseRoaming' Feature

The vulnerable code in the client can be completely disabled by adding 'UseRoaming no' to the global ssh_config(5) file, or to user configuration in ~/.ssh/config, or by passing -oUseRoaming=no on the command line.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Debian GNU/LinuxAffected14 Jan 201614 Jan 2016
Hardened BSDAffected14 Jan 201614 Jan 2016
OpenBSDAffected14 Jan 201615 Jan 2016
OpenSSHAffected-14 Jan 2016
UbuntuAffected14 Jan 201614 Jan 2016
Openwall GNU/*/LinuxNot Affected14 Jan 201620 Jan 2016
ACCESSUnknown14 Jan 201614 Jan 2016
Alcatel-LucentUnknown14 Jan 201614 Jan 2016
AppleUnknown14 Jan 201614 Jan 2016
Arch LinuxUnknown14 Jan 201614 Jan 2016
Arista Networks, Inc.Unknown14 Jan 201614 Jan 2016
Aruba NetworksUnknown14 Jan 201614 Jan 2016
AT&TUnknown14 Jan 201614 Jan 2016
Avaya, Inc.Unknown14 Jan 201614 Jan 2016
Barracuda NetworksUnknown14 Jan 201614 Jan 2016
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N
Temporal 3.6 E:F/RL:OF/RC:C
Environmental 2.7 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND



This issue was previously coordinated and publicly disclosed by the Qualys Security Advisory Team.

This document was written by Brian Gardiner and Garret Wassermann.

Other Information

  • CVE IDs: CVE-2016-0777 CVE-2016-0778
  • Date Public: 14 Jan 2016
  • Date First Published: 14 Jan 2016
  • Date Last Updated: 20 Jan 2016
  • Document Revision: 45


If you have feedback, comments, or additional information about this vulnerability, please send us email.