Описание
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.11.3-1 |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm5 |
| esm-infra/focal | released | 0.9.3-2ubuntu2.5+esm2 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.6+esm3 |
| jammy | released | 0.9.6-2ubuntu0.22.04.5 |
| noble | released | 0.10.6-2ubuntu0.2 |
| plucky | released | 0.11.1-1ubuntu0.2 |
| questing | released | 0.11.2-1ubuntu0.1 |
| upstream | released | 0.11.3 |
Показывать по
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
A flaw was found in libssh, a library that implements the SSH protocol ...
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
EPSS
4.7 Medium
CVSS3