Security Advisory

CVE-2020-1730

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-13 00:00:00

Last updated 2024-08-04 06:46:30

Assigner redhat

State PUBLISHED

Description

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasnt been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

← Browse all CVEs View on cve.org ↗