reports/GO-2021-0356.yaml - vulndb - Git at Google

 packages:
   - module: golang.org/x/crypto
     package: golang.org/x/crypto/ssh
     symbols:
       - ServerConfig.AddHostKey
     derived_symbols:
       - ServerConfig.AddHostKey
     versions:
       - fixed: 0.0.0-20220314234659-1baeb1ce4c0b
 description: |
     Attackers can cause a crash in SSH servers when the server has been
     configured by passing a Signer to ServerConfig.AddHostKey such that
      1) the Signer passed to AddHostKey does not implement AlgorithmSigner, and
      2) the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its
       PublicKey method.

     Servers that only use Signer implementations provided by the ssh package are
     unaffected.
 cves:
   - CVE-2022-27191
 ghsas:
   - GHSA-8c26-wmh5-6g9v
 links:
     pr: https://go.dev/cl/392355
     commit: https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d
     context:
       - https://groups.google.com/g/golang-announce
       - https://groups.google.com/g/golang-announce/c/-cp44ypCT5s
	packages:
	- module: golang.org/x/crypto
	package: golang.org/x/crypto/ssh
	symbols:
	- ServerConfig.AddHostKey
	derived_symbols:
	- ServerConfig.AddHostKey
	versions:
	- fixed: 0.0.0-20220314234659-1baeb1ce4c0b
	description: \|
	Attackers can cause a crash in SSH servers when the server has been
	configured by passing a Signer to ServerConfig.AddHostKey such that
	1) the Signer passed to AddHostKey does not implement AlgorithmSigner, and
	2) the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its
	PublicKey method.

	Servers that only use Signer implementations provided by the ssh package are
	unaffected.
	cves:
	- CVE-2022-27191
	ghsas:
	- GHSA-8c26-wmh5-6g9v
	links:
	pr: https://go.dev/cl/392355
	commit: https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d
	context:
	- https://groups.google.com/g/golang-announce
	- https://groups.google.com/g/golang-announce/c/-cp44ypCT5s