Описание
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
EPSS
4.7 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
: null pointer dereference in libssh kex session id calculation
A flaw was found in libssh, a library that implements the SSH protocol ...
EPSS
4.7 Medium
CVSS3