Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Ubuntu 20.04 LTS USN-6371-1 Moderate: libssh2 Network Crash Risk

Calendar Sep 14, 2023 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate Ubuntu libssh2 network crash
libssh2 could be made to crash if it received specially crafted network traffic. 
==========================================================================
Ubuntu Security Notice USN-6371-1
September 14, 2023

libssh2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

libssh2 could be made to crash if it received specially
crafted network traffic.

Software Description:
- libssh2: Client-side C library implementing the SSH2 protocol

Details:

It was discovered that libssh2 incorrectly handled memory
access. An attacker could possibly use this issue to cause
a crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   libssh2-1                       1.8.0-2.1ubuntu0.1

Ubuntu 18.04 LTS:
   libssh2-1                       1.8.0-1ubuntu0.1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
   libssh2-1                       1.5.0-2ubuntu0.1+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
   libssh2-1                       1.4.3-2ubuntu0.2+esm3

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-6371-1
   CVE-2020-22218

Package Information:
   https://launchpad.net/ubuntu/+source/libssh2/1.8.0-2.1ubuntu0.1
   https://launchpad.net/ubuntu/+source/libssh2/1.8.0-1ubuntu0.1

Ubuntu 20.04 LTS USN-6371-1 Moderate: libssh2 Network Crash Risk

ubuntu
Calendar Grey September 14, 2023
Dist Ubuntu Esm H88
A critical libssh2 flaw affects numerous Ubuntu versions, potentially causing system failures when processing malicious network traffic. Take immediate action!
libssh2 could be made to crash if it received specially crafted network traffic.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: libssh2 could be made to crash if it received specially crafted network traffic. Software Description: - libssh2: Client-side C library implementing the SSH2 protocol Details: It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash.

Topics%20covered

Topics Covered

security advisory moderate Ubuntu libssh2 network crash

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS:   libssh2-1                       1.8.0-2.1ubuntu0.1 Ubuntu 18.04 LTS:   libssh2-1                       1.8.0-1ubuntu0.1 Ubuntu 16.04 LTS (Available with Ubuntu Pro):   libssh2-1                       1.5.0-2ubuntu0.1+esm2 Ubuntu 14.04 LTS (Available with Ubuntu Pro):   libssh2-1                       1.4.3-2ubuntu0.2+esm3 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6371-1

  CVE-2020-22218

Ubuntu Security Notice USN-6371-1

Topics%20covered

Topics Covered

security advisory moderate Ubuntu libssh2 network crash

Package Information

  https://launchpad.net/ubuntu/+source/libssh2/1.8.0-2.1ubuntu0.1   https://launchpad.net/ubuntu/+source/libssh2/1.8.0-1ubuntu0.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here