Buffer overflow vulnerability in libssh

A vulnerability (CVE-2021-3634) has been identified in the libssh library (not to be confused with libssh2), which is designed to add client and server support for the SSHv2 protocol to C programs. It leads to a buffer overflow when a rekey is initiated using a key exchange that uses a different hashing algorithm. The issue is fixed in release 0.9.6.

The root of the problem is that the rekey operation allows cryptographic hashes whose size differs from that of the algorithm used originally. Memory for the hash in libssh was allocated based on the original hash size, so using a larger hash causes data to be overwritten beyond the boundary of the allocated buffer. As a workaround, you can restrict the list of supported key exchange methods to algorithms with the same hash size. For example, to pin to SHA256, you can add this code:

rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");
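The workaround only holds if every method in the list really uses the same digest size. As an added example (not from the original article and not libssh code), this C check validates a candidate SSH_OPTIONS_KEY_EXCHANGE string before it is applied; the function names and the table, filled from the SSH RFCs, are assumptions of the example.

```c
#include <stddef.h>
#include <string.h>

/* Assumed table for this example: digest length in bytes of the exchange
 * hash used by each KEX method (RFC 4253, 4419, 5656, 8268, 8731). */
static const struct { const char *name; size_t digest_len; } kex_table[] = {
    { "diffie-hellman-group1-sha1",           20 },
    { "diffie-hellman-group14-sha1",          20 },
    { "diffie-hellman-group-exchange-sha1",   20 },
    { "diffie-hellman-group14-sha256",        32 },
    { "diffie-hellman-group-exchange-sha256", 32 },
    { "curve25519-sha256",                    32 },
    { "curve25519-sha256@libssh.org",         32 },
    { "ecdh-sha2-nistp256",                   32 },
    { "ecdh-sha2-nistp384",                   48 },
    { "diffie-hellman-group16-sha512",        64 },
    { "diffie-hellman-group18-sha512",        64 },
    { "ecdh-sha2-nistp521",                   64 },
};

/* Look up one method name of length n; 0 means "not in the table". */
static size_t kex_digest_len(const char *name, size_t n)
{
    for (size_t i = 0; i < sizeof(kex_table) / sizeof(kex_table[0]); i++)
        if (strlen(kex_table[i].name) == n &&
            memcmp(kex_table[i].name, name, n) == 0)
            return kex_table[i].digest_len;
    return 0;
}

/* Returns the shared digest length if every method in the comma-separated
 * list uses the same one, -1 if digest lengths are mixed, and 0 if the
 * list is empty or names a method the table does not know (fail closed). */
int kex_list_uniform_digest(const char *list)
{
    size_t common = 0;
    if (list == NULL || *list == '\0') return 0;
    for (const char *p = list;;) {
        size_t n = strcspn(p, ",");
        size_t len = kex_digest_len(p, n);
        if (len == 0) return 0;
        if (common == 0) common = len;
        else if (common != len) return -1;
        if (p[n] == '\0') break;
        p += n + 1;
    }
    return (int)common;
}
```

Call ssh_options_set only when the result is positive; a return of -1 means a rekey could still switch between hash sizes.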

Source: opennet.ru
