Lucene search
Ubuntu.comUB:CVE-2021-43565HistorySep 06, 2022 - 12:00 a.m.
CVE-2021-43565
2022-09-0600:00:00
ubuntu.com
ubuntu.com
27
golang.org/x/crypto
ssh server panic
snapd
lxd
embedded package
vulnerability
terminal sub-package
unix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
36.2%
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of
golang.org/x/crypto allows an attacker to panic an SSH server.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | snapd contains an embedded copy of golang-go.crypto lxd in 18.04 LTS and earlier contains an embedded copy of golang-go.crypto |
| mdeslaur | snapd and lxd only use the terminal sub-package, not the ssh part of golang-go.crypto, so they are not vulnerable |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | golang-go.crypto | <ย any | UNKNOWN |
| ubuntu | 20.04 | noarch | golang-go.crypto | <ย any | UNKNOWN |
| ubuntu | 22.04 | noarch | golang-go.crypto | <ย any | UNKNOWN |
| ubuntu | 23.10 | noarch | golang-go.crypto | <ย any | UNKNOWN |
| ubuntu | 24.04 | noarch | golang-go.crypto | <ย any | UNKNOWN |
| ubuntu | 16.04 | noarch | golang-go.crypto | <ย any | UNKNOWN |
Related
suse
suse
Security update for containerd, docker (important)
2022-05-16 00:00:00
Security update for kafka (important)
2022-02-17 00:00:00
ibm
ibm
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-43565
2022-08-08 10:11:17
osv
osv
x/crypto/ssh vulnerable to panic via malformed packets
2022-09-07 00:01:52
Panic on malformed packets in golang.org/x/crypto/ssh
2022-09-13 03:32:38
veracode
veracode
Denial Of Service (DoS)
2022-04-13 00:42:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0040-1)
2022-01-11 00:00:00
openSUSE: Security Advisory for kubevirt, (openSUSE-SU-2022:0526-1)
2022-02-22 00:00:00
openSUSE: Security Advisory for kubevirt, (openSUSE-SU-2022:0040-1)
2022-02-01 00:00:00
cgr
cgr
CVE-2021-43565 vulnerabilities
2024-05-19 03:07:16
prion
prion
Code injection
2022-09-06 18:15:00
gitlab
gitlab
x/crypto/ssh vulnerable to panic via SSH server
2022-09-07 00:00:00
x/crypto/ssh vulnerable to panic via SSH server
2022-09-07 00:00:00
redhatcve
redhatcve
CVE-2021-43565
2022-04-30 13:10:01
nvd
nvd
CVE-2021-43565
2022-09-06 18:15:10
wolfi
wolfi
CVE-2021-43565 vulnerabilities
2024-07-03 09:08:38
cve
cve
CVE-2021-43565
2022-09-06 18:15:10
cvelist
cvelist
CVE-2021-43565
2022-09-06 17:03:42
github
github
x/crypto/ssh vulnerable to panic via malformed packets
2022-09-07 00:01:52
debiancve
debiancve
CVE-2021-43565
2022-09-06 18:15:10
amazon
amazon
Important: amazon-ssm-agent
2023-10-12 15:09:00
Important: amazon-ssm-agent
2023-08-31 22:30:00
Important: amazon-ssm-agent
2023-08-30 18:41:00
redhat
redhat
(RHSA-2022:1361) Important: Red Hat OpenShift Data Foundation 4.10.0 RPM security,enhancement&bugfix update
2022-04-13 15:16:03
(RHSA-2022:1372) Important: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update
2022-04-13 18:44:45
(RHSA-2022:5188) Important: RHACS 3.69 security update
2022-06-24 19:39:26
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
36.2%
Related for UB:CVE-2021-43565