CVE-2020-1730: Null Pointer Dereference
First published: Thu Apr 09 2020(Updated: )
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ubuntu/libssh | <0.8.0~20170825.94 | 0.8.0~20170825.94 |
| ubuntu/libssh | <0.9.0-1ubuntu1.4 | 0.9.0-1ubuntu1.4 |
| ubuntu/libssh | <0.8.9<0.9.4 | 0.8.9 0.9.4 |
| debian/libssh | 0.9.8-0+deb11u1 0.10.6-0+deb12u1 0.10.6-3 | |
| libssh libssh | >=0.8.0<0.8.9 | |
| libssh libssh | >=0.9.0<0.9.4 | |
| netapp cloud backup | ||
| Ubuntu Linux | =18.04 | |
| Ubuntu Linux | =19.10 | |
| Fedoraproject Fedora | =31 | |
| Fedoraproject Fedora | =32 | |
| Red Hat Enterprise Linux | =8.0 | |
| oracle mysql workbench | <=8.0.21 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/
- https://security.netapp.com/advisory/ntap-20200424-0001/
- https://usn.ubuntu.com/4327-1/
- https://www.libssh.org/security/advisories/CVE-2020-1730.txt
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://launchpad.net/bugs/cve/CVE-2020-1730
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/
- https://bugs.libssh.org/T213
- https://git.libssh.org/projects/libssh.git/commit/?id=84a85803b4c83b8dac03b0d0aba58b48c98253e6
- https://git.libssh.org/projects/libssh.git/commit/?id=b36272eac1b36982598c10de7af0a501582de07a
- https://security-tracker.debian.org/tracker/CVE-2020-1730
- https://ubuntu.com/security/notices/USN-4327-1
- https://www.cve.org/CVERecord?id=CVE-2020-1730
- https://nvd.nist.gov/vuln/detail/CVE-2020-1730
- https://ubuntu.com/security/CVE-2020-1730
Frequently Asked Questions
What is CVE-2020-1730?
CVE-2020-1730 is a vulnerability in libssh versions before 0.8.9 and before 0.9.4 that could cause a crash when closing the connection.
How severe is CVE-2020-1730?
CVE-2020-1730 has a severity score of 5.3, which is considered medium severity.
Which software is affected by CVE-2020-1730?
CVE-2020-1730 affects libssh versions before 0.8.9 and before 0.9.4, as well as Netapp Cloud Backup, Canonical Ubuntu Linux 18.04 and 19.10, Fedora 31 and 32, Redhat Enterprise Linux 8.0, and Oracle Mysql Workbench 8.0.21.
How can I fix CVE-2020-1730?
To fix CVE-2020-1730, update libssh to version 0.8.9 or 0.9.4 if you are using it, and apply any available patches or updates for the affected software listed in the vulnerability description.
Where can I find more information about CVE-2020-1730?
You can find more information about CVE-2020-1730 in the references provided: [link 1], [link 2], [link 3].
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/remedy
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/event
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- package-manager/ubuntu
- package-manager/debian
- vendor/libssh
- canonical/libssh libssh
- version/libssh libssh/0.8.0
- version/libssh libssh/0.9.0
- vendor/netapp
- canonical/netapp cloud backup
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/18.04
- version/ubuntu linux/19.10
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/31
- version/fedoraproject fedora/32
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- vendor/oracle
- canonical/oracle mysql workbench
- version/oracle mysql workbench/8.0.21