Upstream information
CVE-2020-29652 at MITRE
Description
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
Overall state of this security issue: Pending
This issue is currently rated as having important severity.
CVSS v2 Scores
| National Vulnerability Database |
Base Score | 5 |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Partial |
CVSS v3 Scores
| National Vulnerability Database |
Base Score | 7.5 |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Attack Vector | Network |
Attack Complexity | Low |
Privileges Required | None |
User Interaction | None |
Scope | Unchanged |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | High |
CVSSv3 Version | 3.1 |
No SUSE Bugzilla entries cross referenced.
No SUSE Security Announcements cross referenced.
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Liberty Linux 8 | buildah >= 1.19.7-1.module+el8.4.0+10607+f4da7515
buildah-tests >= 1.19.7-1.module+el8.4.0+10607+f4da7515
cockpit-podman >= 29-2.module+el8.4.0+10607+f4da7515
conmon >= 2.0.26-1.module+el8.4.0+10607+f4da7515
container-selinux >= 2.158.0-1.module+el8.4.0+10607+f4da7515
containernetworking-plugins >= 0.9.1-1.module+el8.4.0+10607+f4da7515
containers-common >= 1.2.2-8.module+el8.4.0+10607+f4da7515
crit >= 3.15-1.module+el8.4.0+10607+f4da7515
criu >= 3.15-1.module+el8.4.0+10607+f4da7515
crun >= 0.18-1.module+el8.4.0+10607+f4da7515
fuse-overlayfs >= 1.4.0-2.module+el8.4.0+10607+f4da7515
libslirp >= 4.3.1-1.module+el8.4.0+10607+f4da7515
libslirp-devel >= 4.3.1-1.module+el8.4.0+10607+f4da7515
oci-seccomp-bpf-hook >= 1.2.0-2.module+el8.4.0+10607+f4da7515
podman >= 3.0.1-6.module+el8.4.0+10607+f4da7515
podman-catatonit >= 3.0.1-6.module+el8.4.0+10607+f4da7515
podman-docker >= 3.0.1-6.module+el8.4.0+10607+f4da7515
podman-plugins >= 3.0.1-6.module+el8.4.0+10607+f4da7515
podman-remote >= 3.0.1-6.module+el8.4.0+10607+f4da7515
podman-tests >= 3.0.1-6.module+el8.4.0+10607+f4da7515
python3-criu >= 3.15-1.module+el8.4.0+10607+f4da7515
runc >= 1.0.0-70.rc92.module+el8.4.0+10607+f4da7515
skopeo >= 1.2.2-8.module+el8.4.0+10607+f4da7515
skopeo-tests >= 1.2.2-8.module+el8.4.0+10607+f4da7515
slirp4netns >= 1.1.8-1.module+el8.4.0+10607+f4da7515
toolbox >= 0.0.8-1.module+el8.4.0+10607+f4da7515
udica >= 0.2.4-1.module+el8.4.0+10607+f4da7515
| Patchnames: RHSA-2021:1796 |
openSUSE Tumbleweed | | Patchnames: openSUSE-Tumbleweed-2024-11667 |
SUSE Timeline for this CVE
CVE page created: Thu Dec 17 13:06:17 2020
CVE page last modified: Mon Nov 18 13:59:36 2024