Subject: [ASA-202004-11] libssh: denial of service Arch Linux Security Advisory ASA-202004-11 ========================================== Severity: Medium Date : 2020-04-09 CVE-ID : CVE-2020-1730 Package : libssh Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1130 Summary ======= The package libssh before version 0.9.4-1 is vulnerable to denial of service. Resolution ========== Upgrade to 0.9.4-1. # pacman -Syu "libssh>=0.9.4-1" The problem has been fixed upstream in version 0.9.4. Workaround ========== This issue can be mitigated by disabling AES-CTR ciphers. Description =========== A malicious client or server could crash the counterpart implemented with libssh before 0.9.4. When AES-CTR ciphers are used and don't get fully initialized, libssh will crash when it tries to cleanup the AES- CTR ciphers when closing the connection. Impact ====== A malicious client or server could crash the counterpart via a crafted SSH connection. References ========== https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ https://www.libssh.org/security/advisories/CVE-2020-1730.txt https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.9&id=958afb1c6ad671fe2a8d671702a88843bb78fc38 https://security.archlinux.org/CVE-2020-1730