ArchLinux: 202004-11: libssh: denial of service

    Date 10 Apr 2020
    Posted By LinuxSecurity Advisories
    The package libssh before version 0.9.4-1 is vulnerable to denial of service.
    Arch Linux Security Advisory ASA-202004-11
    ==========================================
    
    Severity: Medium
    Date    : 2020-04-09
    CVE-ID  : CVE-2020-1730
    Package : libssh
    Type    : denial of service
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1130
    
    Summary
    =======
    
    The package libssh before version 0.9.4-1 is vulnerable to denial of
    service.
    
    Resolution
    ==========
    
    Upgrade to 0.9.4-1.
    
    # pacman -Syu "libssh>=0.9.4-1"
    
    The problem has been fixed upstream in version 0.9.4.
    
    Workaround
    ==========
    
    This issue can be mitigated by disabling AES-CTR ciphers.
    
    Description
    ===========
    
    A malicious client or server could crash the counterpart implemented
    with libssh before 0.9.4. When AES-CTR ciphers are negotiated but do not
    get fully initialized, libssh crashes when it tries to clean up the
    AES-CTR cipher state while closing the connection.
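    As an added illustration (not libssh's code and not the upstream fix), the C sketch below models the class of bug described: a cipher context whose initialisation can fail part-way, an unsafe cleanup that assumes it completed, and a cleanup that tolerates the partial state. The struct, field and function names are invented for the example.

```c
/* Illustrative model of the advisory's failure mode (not libssh's own code):
 * setup can stop part-way, so cleanup must tolerate a half-built context. */
#include <stdlib.h>
#include <string.h>
struct ctr_cipher {
    unsigned char *key;     /* allocated in step 1 */
    unsigned char *counter; /* 16-byte block, allocated in step 2 */
    int ready;              /* set only when every step succeeded */
};

/* Rejecting an unsupported key size after step 1 leaves counter == NULL. */
int ctr_init(struct ctr_cipher *c, const unsigned char *key, size_t keylen)
{
    memset(c, 0, sizeof(*c));
    if (keylen > 32 || (c->key = malloc(32)) == NULL) return -1;
    memcpy(c->key, key, keylen);
    if (keylen != 16 && keylen != 24 && keylen != 32)
        return -1;          /* partially initialised: key set, counter NULL */
    if ((c->counter = calloc(16, 1)) == NULL) return -1;
    c->ready = 1;
    return 0;
}

/* Unsafe: assumes init completed; after a failed init this writes through
 * the NULL counter pointer and the process dies. Deliberately never called. */
void ctr_cleanup_unsafe(struct ctr_cipher *c)
{
    memset(c->counter, 0, 16); free(c->counter); free(c->key);
}

/* Safe: checks each field, harmless on a zeroed or half-built context. */
int ctr_cleanup_safe(struct ctr_cipher *c)
{
    if (c == NULL) return 0;
    if (c->counter) { memset(c->counter, 0, 16); free(c->counter); }
    if (c->key)     { memset(c->key, 0, 32);     free(c->key); }
    memset(c, 0, sizeof(*c));
    return 0;
}

/* Negotiate the cipher, then close: cleanup runs whether or not setup
 * finished. Returns 1 if the cipher became usable, 0 if setup failed. */
int session_roundtrip(size_t keylen)
{
    unsigned char key[32] = {0};
    struct ctr_cipher c;
    int ok = ctr_init(&c, key, keylen) == 0 && c.ready;
    ctr_cleanup_safe(&c);
    return ok;
}
```

The 20-byte and 0-byte key cases exercise the half-initialised path that the unsafe cleanup would turn into a crash; the safe cleanup returns normally there.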
    
    Impact
    ======
    
    A malicious client or server could crash the counterpart via a crafted
    SSH connection.
    
    References
    ==========
    
    https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
    https://www.libssh.org/security/advisories/CVE-2020-1730.txt
    https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.9&id=958afb1c6ad671fe2a8d671702a88843bb78fc38
    https://security.archlinux.org/CVE-2020-1730