Impact
A maliciously formed KEX init message can result in high memory usage.
The implementation does not verify the RFC-specified limit on algorithm name length (64 characters) in the name-lists of a KEX init message.
A large KEX init packet may therefore lead to inefficient processing of the erroneous data; as a result, a large amount of memory is allocated while the malicious data is processed.
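The missing check is the per-name length limit from RFC 4251 section 6 (names are non-empty, printable US-ASCII, at most 64 characters, comma-separated). The following validator, added here as an illustration and not part of OTP's ssh application, rejects a KEX name-list before any per-name work is done. The module name, the function names and the overall byte cap `MAX_LIST_BYTES` are assumptions for this example.

```erlang
%% Added example, not OTP's own code: validate a KEX name-list
%% (RFC 4251 section 6) before it is processed any further.
-module(kex_namelist_guard).
-export([check_name_list/1, check_name_list/2]).

-define(MAX_NAME_LEN, 64).        %% RFC 4251 section 6 limit per name
-define(MAX_LIST_BYTES, 4096).    %% assumed overall cap; not from the RFC

%% Returns {ok, Names} or {error, Reason}. Failing early and cheaply
%% is the point: nothing is allocated per name until the list passes.
check_name_list(Bin) ->
    check_name_list(Bin, ?MAX_LIST_BYTES).

check_name_list(<<>>, _MaxBytes) ->
    {ok, []};                                  %% empty name-list is legal
check_name_list(Bin, MaxBytes) when is_binary(Bin) ->
    case byte_size(Bin) > MaxBytes of
        true  -> {error, list_too_long};
        false -> check_names(binary:split(Bin, <<",">>, [global]), [])
    end.

check_names([], Acc) ->
    {ok, lists:reverse(Acc)};
check_names([Name | Rest], Acc) ->
    case valid_name(Name) of
        true  -> check_names(Rest, [Name | Acc]);
        false -> {error, {bad_name, Name}}
    end.

%% A name is non-empty, at most 64 bytes, and printable US-ASCII
%% without whitespace or commas (0x21..0x7E, excluding $,).
valid_name(<<>>) ->
    false;
valid_name(Name) when byte_size(Name) > ?MAX_NAME_LEN ->
    false;
valid_name(Name) ->
    lists:all(fun(C) -> C >= $! andalso C =< $~ andalso C =/= $, end,
              binary_to_list(Name)).
```

With this in place, `check_name_list(<<"curve25519-sha256,diffie-hellman-group14-sha256">>)` returns the two names, while a list containing a 65-byte name returns `{error, {bad_name, ...}}` without any further processing of the packet.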
Workarounds
- set the option parallel_login to false
- reduce the max_sessions option
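Both workarounds are daemon options of the OTP ssh application. The snippet below, added as an example and not taken from the advisory, shows them applied when starting a daemon; the port, the `system_dir` path and the session limit of 10 are assumed values, and `negotiation_timeout` is an additional option not mentioned in the advisory that bounds how long an unauthenticated peer may stay in the key exchange phase.

```erlang
%% Added example, not from the advisory: start an SSH daemon with the
%% two listed workarounds applied. Values below are assumptions.
-module(hardened_sshd).
-export([start/0]).

start() ->
    ok = ssh:start(),
    ssh:daemon(2222, [
        {system_dir, "/etc/ssh"},      % assumed host key directory
        {parallel_login, false},       % workaround: no concurrent logins
        {max_sessions, 10},            % workaround: cap sessions (assumed value)
        {negotiation_timeout, 30000}   % not in the advisory: KEX/auth phase bound in ms
    ]).
```

Lowering max_sessions limits how many connections can be in the costly KEX phase at once; with parallel_login set to false only one of them proceeds through login at a time, so the memory that a malformed KEX init can consume is bounded per daemon rather than per client.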
Affected/Unaffected Versions
A version larger than or equal to one of the listed patched versions is unaffected; otherwise, a version that satisfies an expression listed under affected versions is affected, and if it does not, it is unaffected.
The documentation of the new OTP version scheme describes how versions should be compared. Note that versions used prior to OTP 17.0, when the new OTP version scheme was introduced, are never listed since it is not well defined how to compare those versions.
In the case of this vulnerability, versions prior to OTP 17.0 are likely also affected.
References
n/a