{"id":"GHSA-rv6r-3f5q-9rgx","summary":"Twisted SSH client and server deny of service during SSH handshake.","details":"### Impact\n\nThe Twisted SSH client and server implementation naively accepted an infinite amount of data for the  peer's SSH version identifier.\n\nA malicious peer can trivially craft a request that uses all available memory and crash the server, resulting in denial of service. The attack is as simple as `nc -rv localhost 22 \u003c /dev/zero`.\n\n### Patches\n\nThe issue was fix in GitHub commit https://github.com/twisted/twisted/commit/98387b39e9f0b21462f6abc7a1325dc370fcdeb1\n\nA fix is available in Twisted 22.2.0.\n\n### Workarounds\n\n* Limit access to the SSH server only to trusted source IP addresses.\n* Connect over SSH only to trusted destination IP addresses.\n\n### References\n\nReported at https://twistedmatrix.com/trac/ticket/10284\nDiscussions at https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx\n\n### For more information\n\nFound by vin01","aliases":["CVE-2022-21716","PYSEC-2022-160"],"modified":"2024-11-25T18:48:42.597453Z","published":"2022-03-03T19:02:08Z","database_specific":{"nvd_published_at":"2022-03-03T21:15:00Z","severity":"HIGH","github_reviewed_at":"2022-03-03T19:02:08Z","cwe_ids":["CWE-120","CWE-770"],"github_reviewed":true},"references":[{"type":"WEB","url":"https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21716"},{"type":"WEB","url":"https://github.com/twisted/twisted/commit/89c395ee794e85a9657b112c4351417850330ef9"},{"type":"WEB","url":"https://github.com/twisted/twisted/commit/98387b39e9f0b21462f6abc7a1325dc370fcdeb1"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2022-160.yaml"},{"type":"PACKAGE","url":"https://github.com/twisted/twisted"},{"type":"WEB","url":"https://github.com/twisted/twisted/releases/tag/twisted-22.2.0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00009.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6"},{"type":"WEB","url":"https://security.gentoo.org/glsa/202301-02"},{"type":"WEB","url":"https://twistedmatrix.com/trac/ticket/10284"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"}],"affected":[{"package":{"name":"twisted","ecosystem":"PyPI","purl":"pkg:pypi/twisted"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"21.7.0"},{"fixed":"22.2.0"}]}],"versions":["21.7.0","22.1.0","22.1.0rc1","22.2.0rc1"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-rv6r-3f5q-9rgx/GHSA-rv6r-3f5q-9rgx.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]}