CVE-2020-1730

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

Published: Apr 13, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-1730
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
libssh / libssh	0.9.0	0.9.4
libssh / libssh	0.8.0	0.8.9
canonical / ubuntu_linux	18.04	18.04.x
redhat / enterprise_linux	8.0	8.0.x
canonical / ubuntu_linux	19.10	19.10.x
fedoraproject / fedora	31	31.x
fedoraproject / fedora	32	32.x
oracle / mysql_workbench	-	8.0.21.x

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730
https://lists.fedoraproject.org/archives/list/[email protected]/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/
https://lists.fedoraproject.org/archives/list/[email protected]/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/
https://security.netapp.com/advisory/ntap-20200424-0001/
https://usn.ubuntu.com/4327-1/
https://www.libssh.org/security/advisories/CVE-2020-1730.txt
https://www.oracle.com/security-alerts/cpuoct2020.html

Vulnerability Database

289,599

CVE-2020-1730