Описание
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| golang-go.crypto | fixed | 1:0.0~git20201221.eec23a3-1 | package | |
| golang-go.crypto | not-affected | buster | package | |
| golang-go.crypto | not-affected | stretch | package |
Примечания
https://go-review.googlesource.com/c/crypto/+/278852
https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
Introduced in: https://github.com/golang/crypto/commit/cbcb750295291b33242907a04be40e80801d0cfc (2019-05-10)
EPSS
Связанные уязвимости
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability
Уязвимость компонента golang.org/x/crypto/ssh библиотеки для языка программирования Go crypto, позволяющая нарушителю вызывать отказ в обслуживании SSH-серверов
EPSS