PT-2020-6258 · Libssh+9 · Libssh+9

Published

2020-07-29

Updated

2024-06-15

CVE-2020-16135

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions libssh version 0.9.4

Description The issue is related to a NULL pointer dereference in the tftpserver.c component of the libssh library, which can occur if ssh buffer new returns NULL. This can potentially allow a remote attacker to cause a denial of service.

Recommendations For libssh version 0.9.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2021:4387

ALT-PU-2021-1788

ALT-PU-2021-2381

ALT-PU-2021-3669

BDU:2021-03730

CESA-2021_4387

CVE-2020-16135

DLA-2303-1

MGASA-2020-0324

MGASA-2020-0338

OPENSUSE-SU-2024:10998-1

RHSA-2021:4387

RHSA-2021:4750

RHSA-2021_4387

RLSA-2021:4387

SUSE-SU-2024:0525-1

SUSE-SU-2024:0539-1

USN-4447-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Libssh

PT-2020-6258 · Libssh+9 · Libssh+9

CVE-2020-16135

Weakness Enumeration

Related Identifiers

Affected Products

References · 74