blob: 83d9597a076196b6f85f509304061de870ca68bb [file] [log] [blame]
id: GO-2022-0968
modules:
- module: golang.org/x/crypto
versions:
- fixed: 0.0.0-20211202192323-5770296d904e
vulnerable_at: 0.0.0-20211117183948-ae814b36b871
packages:
- package: golang.org/x/crypto/ssh
symbols:
- gcmCipher.readCipherPacket
- chacha20Poly1305Cipher.readCipherPacket
derived_symbols:
- Dial
- NewClientConn
- NewServerConn
- curve25519sha256.Client
- curve25519sha256.Server
- dhGEXSHA.Client
- dhGEXSHA.Server
- dhGroup.Client
- dhGroup.Server
- ecdh.Client
- ecdh.Server
summary: Panic on malformed packets in golang.org/x/crypto/ssh
description: |-
Unauthenticated clients can cause a panic in SSH servers.
When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which
contains an empty plaintext causes a panic.
published: 2022-09-13T03:32:38Z
cves:
- CVE-2021-43565
ghsas:
- GHSA-gwc9-m7rh-j2ww
credits:
- Rod Hynes (Psiphon Inc)
references:
- web: https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs
- report: https://go.dev/issues/49932
- fix: https://go.dev/cl/368814/
review_status: REVIEWED