Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-9283Improper Verification of Cryptographic Signature in X Crypto

CWE-347Improper Verification of Cryptographic SignatureCWE-130Improper Handling of Length Parameter Inconsistency11 documents9 sources
Severity
7.5HIGHNVD
EPSS
18.7%
top 4.72%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Golang.org X CryptoDebian LinuxGolang Package SSH
Timeline
PublishedFeb 20
Latest updateAug 30

Description

golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

Gogolang.org/x_crypto< 0.0.0-20200220183623-bac4c82f6975
NVDgolang/package_ssh0.0.0-20200220183623-bac4c82f6975

Also affects: Debian Linux 9.0

🔴Vulnerability Details

5
OSV
Improper Verification of Cryptographic Signature in golang.org/x/crypto2021-05-18
GHSA
Improper Verification of Cryptographic Signature in golang.org/x/crypto2021-05-18
OSV
Panic due to improper verification of cryptographic signatures in golang.org/x/crypto/ssh2021-04-14
CVEList
CVE-2020-9283: golang2020-02-20
OSV
CVE-2020-9283: golang2020-02-20

💥Exploits & PoCs

1
Exploit-DB
Go SSH servers 0.0.2 - Denial of Service (PoC)2020-02-24

📋Vendor Advisories

2
Red Hat
golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic2020-02-21
Debian
CVE-2020-9283: golang-go.crypto - golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a pa...2020

💬Community

2
HackerOne
SSH server due to Improper Signature Verification2021-08-30
Bugzilla
CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic2020-02-19
CVE-2020-9283 — Golang.org X Crypto vulnerability | cvebase