Russh · Russh · CVE-2025-54804
**Name of the Vulnerable Software and Affected Versions**
Russh versions 0.54.0 and earlier
**Description**
Russh is a Rust SSH client and server library. The channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation adds the value from the message to an internal state value, which can result in an integer overflow. If the Rust code is compiled with overflow checks, the addition panics, so a malicious client can crash a server.
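The arithmetic described above, as an added Rust example that is not Russh's own code: it parses an `SSH_MSG_CHANNEL_WINDOW_ADJUST` message (RFC 4254, section 5.2) and applies it with `checked_add`, so an oversized adjust comes back as an error. The `Channel` type, the function names and the 32-bit window counter are assumptions made for illustration.

```rust
// Added example, not Russh source; all names here are hypothetical.
const SSH_MSG_CHANNEL_WINDOW_ADJUST: u8 = 93; // RFC 4254, section 5.2
#[derive(Debug, PartialEq)]
pub enum AdjustError { Malformed, WrongChannel, WindowOverflow }

pub struct Channel {
    pub id: u32,
    pub remote_window: u32, // assumed 32-bit counter of the peer's free space
}

/// Wire layout: byte 93 | uint32 recipient channel | uint32 bytes to add.
pub fn parse_window_adjust(msg: &[u8]) -> Result<(u32, u32), AdjustError> {
    if msg.len() != 9 || msg[0] != SSH_MSG_CHANNEL_WINDOW_ADJUST {
        return Err(AdjustError::Malformed);
    }
    let chan = u32::from_be_bytes([msg[1], msg[2], msg[3], msg[4]]);
    let add = u32::from_be_bytes([msg[5], msg[6], msg[7], msg[8]]);
    Ok((chan, add))
}

/// What a plain `window + add` yields in a build without overflow checks:
/// the counter wraps. With overflow checks the same expression panics.
pub fn adjust_wrapping(window: u32, add: u32) -> u32 {
    window.wrapping_add(add)
}

/// Hardened: overflow past u32::MAX is an error for the caller, not a panic.
pub fn apply_window_adjust(ch: &mut Channel, msg: &[u8]) -> Result<u32, AdjustError> {
    let (chan, add) = parse_window_adjust(msg)?;
    if chan != ch.id {
        return Err(AdjustError::WrongChannel);
    }
    ch.remote_window = ch.remote_window.checked_add(add).ok_or(AdjustError::WindowOverflow)?;
    Ok(ch.remote_window)
}

/// Constructed sample message for the demo below.
pub fn build_adjust(chan: u32, add: u32) -> Vec<u8> {
    let mut m = vec![SSH_MSG_CHANNEL_WINDOW_ADJUST];
    m.extend_from_slice(&chan.to_be_bytes());
    m.extend_from_slice(&add.to_be_bytes());
    m
}

fn main() {
    let mut ch = Channel { id: 0, remote_window: 2_097_152 };
    println!("{:?}", apply_window_adjust(&mut ch, &build_adjust(0, 1024)));
    println!("{:?}", apply_window_adjust(&mut ch, &build_adjust(0, u32::MAX)));
}
```

RFC 4254 states that the window must not be increased above 2^32 - 1 bytes, so treating the overflow as a protocol error and closing the channel is consistent with the specification.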
**Recommendations**
Update to version 0.54.1 or later.