CVE-2023-1667

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-1667

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1667.json

Related

ALSA-2023:3839
ALSA-2023:6643
DLA-3437-1
DSA-5409-1
RLSA-2023:3839
USN-6138-1

Published

2023-05-26T18:15:10Z

Modified

2023-12-22T13:05:50.805064Z

Details

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.

References

http://www.libssh.org/security/advisories/CVE-2023-1667.txt
https://security.gentoo.org/glsa/202312-05
https://lists.debian.org/debian-lts-announce/2023/05/msg00029.html
https://bugzilla.redhat.com/show_bug.cgi?id=2182199
https://access.redhat.com/security/cve/CVE-2023-1667
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/

Affected packages

Git / git.libssh.org/projects/libssh.git

Affected ranges

Type: GIT
Repo: https://git.libssh.org/projects/libssh.git
Events: Introduced

67c0ce3d219a1565491c30d6e5815a73eaea70a4

Last affected

da6d026c125712d197479a7930b4efc117bfe7af

Introduced

7f6b3fab4e8d4b97e73d5ca60ddc5a3d0f5880d2

Last affected

e8322817a9e5aaef0698d779ddd467a209a85d85

Affected versions

libssh-0.*

libssh-0.10.0

libssh-0.10.2

libssh-0.10.3

libssh-0.10.4

libssh-0.9.1

libssh-0.9.2

libssh-0.9.3

libssh-0.9.4

libssh-0.9.5

libssh-0.9.6