Vulnerability CVE-2022-27191

Vulnerability Name:

CVE-2022-27191 (CCN-222162)

Assigned:

2022-03-15

Published:

2022-03-15

Updated:

2022-10-26

Summary:

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-327

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2022-27191

Source: XF
Type: UNKNOWN
gossh-cve202227191-dos(222162)

Source: MISC
Type: Mailing List, Third Party Advisory
https://groups.google.com/g/golang-announce

Source: CCN
Type: Google Groups Web site
An update of golang.org/x/crypto/ssh might be necessary

Source: CONFIRM
Type: Mailing List, Third Party Advisory
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-5e637f6cc6

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-14712f9699

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-a4c9009f3e

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-c87047f163

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-d37fb34309

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-30c5ed5625

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-3a63897745

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-ba365d3703

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-08ae2dd481

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-5cbd6de569

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-fae3ecee19

Source: CCN
Type: Go Web site
Go ssh package

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20220429-0002/

Source: CCN
Type: IBM Security Bulletin 6599703 (Db2 On Openshift)
Multiple vulnerabilities affect IBM Db2 On Openshift and IBM Db2 and Db2 Warehouse on Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6826021 (Robotic Process Automation)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Source: CCN
Type: IBM Security Bulletin 6833262 (CICS TX Standard)
IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Golang Go.

Source: CCN
Type: IBM Security Bulletin 6833264 (CICS TX Advanced)
IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Golang Go.

Source: CCN
Type: IBM Security Bulletin 6848295 (Cloud Pak for Business Automation)
Security vulnerability is addressed with IBM Cloud Pak for Business Automation iFixes for November 2022

Source: CCN
Type: IBM Security Bulletin 6967018 (CICS TX Standard)
CVE-2022-27664, CVE-2022-21698, CVE-2021-43565 and CVE-2022-27191 may affect IBM CICS TX Standard

Vulnerable Configuration:

Configuration 1:

cpe:/a:golang:ssh:*:*:*:*:*:*:*:* (Version < 0.0.0-20220314234659-1baeb1ce4c0b)

Configuration 2:

cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

OR cpe:/a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:db2_warehouse:3.5:-:*:*:*:*:*:*

OR cpe:/a:ibm:db2_warehouse:4.0:-:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.1:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:db2:3.5:-:*:*:*:*:*:*

OR cpe:/a:ibm:db2:4.0:-:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:22.0.1:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7853	P	docker-20.10.23_ce-150000.175.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7862	P	podman-4.4.4-150500.1.4 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7513	P	golang-github-prometheus-node_exporter-1.5.0-150100.3.23.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7850	P	containerd-1.6.19-150000.87.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51972	P	Security update for containerd (Important)	2022-12-13
oval:org.opensuse.security:def:51577	P	Security update for containerd (Important)	2022-12-13
oval:com.redhat.rhsa:def:20227954	P	RHSA-2022:7954: podman security and bug fix update (Moderate)	2022-11-15
oval:com.redhat.rhsa:def:20228008	P	RHSA-2022:8008: buildah security and bug fix update (Moderate)	2022-11-15
oval:com.redhat.rhsa:def:20227469	P	RHSA-2022:7469: container-tools:4.0 security and bug fix update (Moderate)	2022-11-08
oval:com.redhat.rhsa:def:20227457	P	RHSA-2022:7457: container-tools:rhel8 security, bug fix, and enhancement update (Moderate)	2022-11-08
oval:org.opensuse.security:def:699	P	Security update for podman (Important)	2022-08-17
oval:org.opensuse.security:def:3668	P	librelp0-1.2.12-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:119579	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:94237	P	(Important)	2022-05-16
oval:org.opensuse.security:def:42385	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:118897	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:93608	P	(Important)	2022-05-16
oval:org.opensuse.security:def:482	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:94446	P	(Important)	2022-05-16
oval:org.opensuse.security:def:93136	P	(Important)	2022-05-16
oval:org.opensuse.security:def:119204	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:93811	P	(Important)	2022-05-16
oval:org.opensuse.security:def:42184	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:95298	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:93296	P	(Important)	2022-05-16
oval:org.opensuse.security:def:992	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:119394	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:94025	P	(Important)	2022-05-16
oval:org.opensuse.security:def:42286	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:118707	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:93454	P	(Important)	2022-05-16
oval:org.opensuse.security:def:1514	P	Security update for containerd, docker (Important)	2022-05-16
oval:org.opensuse.security:def:101685	P	Security update for containerd, docker (Important) (in QA)	2022-04-29
oval:org.opensuse.security:def:102092	P	Security update for containerd, docker (Important) (in QA)	2022-04-29

BACK