| id: GO-2021-0356 |
| modules: |
| - module: golang.org/x/crypto |
| versions: |
| - fixed: 0.0.0-20220314234659-1baeb1ce4c0b |
| vulnerable_at: 0.0.0-20220314234646-fcc990c556fe |
| packages: |
| - package: golang.org/x/crypto/ssh |
| symbols: |
| - ServerConfig.AddHostKey |
| summary: Denial of service via crafted Signer in golang.org/x/crypto/ssh |
| description: |- |
| Attackers can cause a crash in SSH servers when the server has been configured |
| by passing a Signer to ServerConfig.AddHostKey such that |
| 1) the Signer passed to AddHostKey does not implement AlgorithmSigner, and |
| 2) the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its |
| PublicKey method. |
| |
| Servers that only use Signer implementations provided by the ssh package are |
| unaffected. |
| published: 2022-04-25T20:38:40Z |
| cves: |
| - CVE-2022-27191 |
| ghsas: |
| - GHSA-8c26-wmh5-6g9v |
| references: |
| - fix: https://go.dev/cl/392355 |
| - fix: https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d |
| - web: https://groups.google.com/g/golang-announce |
| - web: https://groups.google.com/g/golang-announce/c/-cp44ypCT5s |
| review_status: REVIEWED |