CVE-2020-16135

Published: 29 July 2020

libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package: libssh (Launchpad, Ubuntu, Debian)

Release: Status
Upstream: Needs triage
Ubuntu 20.04 LTS (Focal Fossa): Released (0.9.3-2ubuntu2.1)
Ubuntu 18.04 LTS (Bionic Beaver): Released (0.8.0~20170825.94fa1e38-1ubuntu0.7)
Ubuntu 16.04 ESM (Xenial Xerus): Released (0.6.3-4.3ubuntu0.6)
Ubuntu 14.04 ESM (Trusty Tahr): Does not exist

Patches:
Upstream: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=1493b4466fa394b321d196ad63dd6a4fa395d337
Upstream: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=dbfb7f44aa905a7103bdde9a198c1e9b0f480c2e
Upstream: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=65ae496222018221080dd753a52f6d70bf3ca5f3
Upstream: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=df0acab3a077bd8ae015e3e8b4c71ff31b5900fe