CVE-2020-29652: golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability
7.5
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.0459%
CWE
Published
5/24/2022
Updated
10/2/2023
KEV Status
No
Technology
Go
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| golang.org/x/crypto | go | < 0.0.0-20201216223049-8b5274cf687f | 0.0.0-20201216223049-8b5274cf687f |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability occurs in the authentication handling path where the server processes 'gssapi-with-mic' requests. The patch adds a guard condition in the server authentication flow to exclude this method when GSSAPIWithMICConfig is nil. The function responsible for authentication (serverAuthenticate() method of serverConn) would panic when processing this method without the nil check, as it would attempt to dereference the nil config.php. The function name is derived from the SSH package structure and the location of the security check addition in the patch.