===========================================================
== Subject:     Client/server denial of service when
==              handling AES-CTR ciphers
==
== CVE ID#:     2020-1730
==
== Versions:    >= 0.8.0
==
== Summary:     A malicious client or server could crash
==              the counterpart implemented with libssh
==              AES-CTR ciphers are used and don't get
==              fully initialized. It will crash when it
==              tries to cleanup the AES-CTR ciphers when
==              closing the connection.
==
===========================================================

===========
Description
===========

==================
Patch Availability
==================

Patches addressing the issues have been posted to:
https://www.libssh.org/security/

Additionally, libssh 0.8.9 and 0.9.4 have been issued
as security releases to correct the defect.  SSH administrators are
advised to upgrade to these releases or apply the patch as soon
as possible.

==================
CVSSv3 calculation
==================

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (5.3)

==========
Workaround
==========

Disable AES-CTR ciphers. If you implement a server using libssh we advise to
use a prefork model so each session runs in an own process. If you have
implemented your server this way this is not really an issue. The client will
kill its own connection.

=======
Credits
=======

Originally reported by Yasheng Yang from Google.

Patches provided by Andreas Schneider of the libssh team.

==========================================================
== The libssh team
==========================================================