DSA-5409-1 libssh -- libsshID: oval:org.secpod.oval:def:93344 | Date: (C)2023-09-27 (M)2024-02-08 |
Class: PATCH | Family: unix |
Two security issues have been discovered in libssh, a tiny C SSH library: CVE-2023-1667 Philip Turnbull discovered a NULL pointer dereference which could result in denial of service. CVE-2023-2283 Kevin Backhouse discovered that pki_verify_data_signature may fail to correctly validate authentication in memory pressure situations.
Product: |
libssh-gcrypt-dev |
libssh-4 |
libssh-gcrypt-4 |
libssh-dev |
libssh-doc |