A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-client" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-client-dbgsym" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-server" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-server-dbgsym" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-sftp-server" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-sftp-server-dbgsym" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-tests" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "openssh-tests-dbgsym" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "ssh" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "ssh-askpass-gnome" }, { "binary_version": "1:9.7p1-7ubuntu4.2", "binary_name": "ssh-askpass-gnome-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-client" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-client-dbgsym" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-server" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-server-dbgsym" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-sftp-server" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-sftp-server-dbgsym" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-tests" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "openssh-tests-dbgsym" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "ssh" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "ssh-askpass-gnome" }, { "binary_version": "1:9.6p1-3ubuntu13.8", "binary_name": "ssh-askpass-gnome-dbgsym" } ] }