DSA-5409-1 libssh -- libssh| ID: oval:org.secpod.oval:def:93344 | Date: (C)2023-09-27 (M)2024-02-08 |
| Class: PATCH | Family: unix |
Two security issues have been discovered in libssh, a tiny C SSH library: CVE-2023-1667 Philip Turnbull discovered a NULL pointer dereference which could result in denial of service. CVE-2023-2283 Kevin Backhouse discovered that pki_verify_data_signature may fail to correctly validate authentication in memory pressure situations.
| Product: |
| libssh-gcrypt-dev |
| libssh-4 |
| libssh-gcrypt-4 |
| libssh-dev |
| libssh-doc |
