The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
References
Link Providers
https://groups.google.com/g/golang-announce cve-icon cve-icon
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s cve-icon cve-icon
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-27191 cve-icon
https://security.netapp.com/advisory/ntap-20220429-0002/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-27191 cve-icon
History

Sun, 08 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat acm
CPEs cpe:/a:redhat:acm:2.4::el8
cpe:/a:redhat:acm:2.5::el8
cpe:/a:redhat:acm:2.6::el8
Vendors & Products Redhat acm

Mon, 19 Aug 2024 22:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:acm:2.4::el8
cpe:/a:redhat:acm:2.5::el8
cpe:/a:redhat:acm:2.6::el8
Vendors & Products Redhat acm

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-18T06:03:34

Updated: 2024-08-03T05:25:31.128Z

Reserved: 2022-03-15T00:00:00

Link: CVE-2022-27191

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-18T07:15:06.750

Modified: 2024-11-21T06:55:22.620

Link: CVE-2022-27191

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-03-15T00:00:00Z

Links: CVE-2022-27191 - Bugzilla