Bugzilla – Bug 1196739
VUL-0: CVE-2022-21716: python-Twisted: SSH server (and client) accepts an unbounded amount of data for the peer's SSH version identifier
Last modified: 2022-07-06 16:17:29 UTC
CVE-2022-21716: Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, the Twisted SSH client and server implementation (twisted.conch) accepts an unbounded amount of data for the peer's SSH version identifier: bytes are buffered until a CRLF-terminated "SSH-" line arrives, so a peer that never sends one makes the buffer grow until all available memory is used. RFC 4253 section 4.2 limits the identification string to 255 bytes including the CRLF, but the pre-22.2.0 code did not enforce any limit. The attack is as simple as `nc -rv localhost 22 < /dev/zero` against a Twisted SSH server; because the client side shares the same parsing, a malicious server can exhaust a Twisted SSH client the same way. A patch is available in version 22.2.0. There are currently no known workarounds.

References:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21716
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21716
- https://github.com/twisted/twisted/commit/89c395ee794e85a9657b112c4351417850330ef9
- https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx
- http://www.cvedetails.com/cve/CVE-2022-21716/
- https://github.com/twisted/twisted/releases/tag/twisted-22.2.0
- https://twistedmatrix.com/trac/ticket/10284
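The following is an added illustration written for this bug entry, not Twisted's own code and not a copy of the 22.2.0 fix. It implements a minimal receiver for the SSH identification string (RFC 4253 section 4.2) in two modes: unbounded, which reproduces the buffer-until-CRLF pattern behind CVE-2022-21716, and bounded, which caps the unterminated bytes it keeps and rejects over-long identification lines. The identifiers IdentificationReceiver, BannerTooLong, MAX_PENDING_BYTES, feed_zeros, handshake and rejects, the 4096-byte cap and the sample wire bytes are all assumptions made for the example.

```python
"""Added example for CVE-2022-21716: unbounded vs. bounded SSH banner parsing.

Not Twisted's code. Names, the 4096-byte cap and the sample bytes are
assumptions chosen for this illustration.
"""
from typing import Optional, Tuple

CRLF = b"\r\n"
# RFC 4253 4.2: the identification string is at most 255 bytes, CRLF included.
MAX_IDENT_LINE = 255
# Cap on unterminated bytes kept while waiting for the SSH- line. The exact
# value is an assumption; what matters is that some finite cap exists.
MAX_PENDING_BYTES = 4096


class BannerTooLong(Exception):
    """Raised when the peer exceeds a limit; a real server would disconnect."""


class IdentificationReceiver:
    """Collects the peer's identification string from a byte stream.

    max_pending=None reproduces the pre-22.2.0 pattern: bytes are appended to
    self.buf until a CRLF-terminated 'SSH-' line appears, with no upper bound,
    so a peer that never sends CRLF (nc ... < /dev/zero) grows buf without
    limit. An integer max_pending bounds what is held.
    """

    def __init__(self, max_pending: Optional[int] = None) -> None:
        self.max_pending = max_pending
        self.buf = b""
        self.version: Optional[bytes] = None

    def data_received(self, data: bytes) -> None:
        self.buf += data
        if self.version is not None:
            return  # past the banner; these bytes belong to the packet layer
        self._scan()
        if (self.version is None and self.max_pending is not None
                and len(self.buf) > self.max_pending):
            # Unterminated data beyond the cap: memory is bounded at
            # max_pending plus one read chunk instead of growing forever.
            raise BannerTooLong(f"{len(self.buf)} bytes without an SSH- line")

    def _scan(self) -> None:
        # Consume complete lines. RFC 4253 4.2 allows a server to send other
        # lines before its identification string; those are discarded here.
        while self.version is None and CRLF in self.buf:
            line, self.buf = self.buf.split(CRLF, 1)
            if not line.startswith(b"SSH-"):
                continue
            if (self.max_pending is not None
                    and len(line) + len(CRLF) > MAX_IDENT_LINE):
                raise BannerTooLong(f"identification line of {len(line)} bytes")
            self.version = line


def feed_zeros(receiver: IdentificationReceiver, total: int,
               chunk: int = 1024) -> Tuple[int, int, bool]:
    """Simulate `nc localhost 22 < /dev/zero`: stream NUL bytes with no CRLF.

    Returns (bytes sent, bytes the receiver holds, whether it refused input).
    """
    sent = 0
    try:
        while sent < total:
            receiver.data_received(b"\x00" * chunk)
            sent += chunk
    except BannerTooLong:
        return sent + chunk, len(receiver.buf), True
    return sent, len(receiver.buf), False


# Constructed capture: a pre-version banner line, a valid identification
# string, then the first bytes of the binary packet protocol.
SAMPLE_WIRE = b"Welcome to the lab host\r\nSSH-2.0-OpenSSH_8.9\r\n\x00\x00\x01\x2c"


def handshake(receiver: IdentificationReceiver, wire: bytes,
              chunk: int = 7) -> Tuple[Optional[bytes], bytes]:
    """Deliver a capture in small chunks, as a socket would. Returns the
    identification line found and the leftover bytes for the packet layer."""
    for i in range(0, len(wire), chunk):
        receiver.data_received(wire[i:i + chunk])
    return receiver.version, receiver.buf


def rejects(receiver: IdentificationReceiver, data: bytes) -> bool:
    """True if feeding `data` makes the receiver refuse the connection."""
    try:
        receiver.data_received(data)
    except BannerTooLong:
        return True
    return False


if __name__ == "__main__":
    print("unbounded, 1 MiB of zeros:", feed_zeros(IdentificationReceiver(), 1 << 20))
    print("bounded,   1 MiB of zeros:", feed_zeros(IdentificationReceiver(MAX_PENDING_BYTES), 1 << 20))
    print("bounded, normal handshake:", handshake(IdentificationReceiver(MAX_PENDING_BYTES), SAMPLE_WIRE))
```

With the cap in place the receiver holds at most one read chunk beyond MAX_PENDING_BYTES before refusing, and a legitimate peer that sends a banner line followed by its identification string is unaffected. The cap is checked after scanning rather than before appending so that a large but well-formed burst containing the CRLF is still accepted.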
SUSE-SU-2022:2070-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1196739
CVE References: CVE-2022-21716
JIRA References: none
Sources used (all python-Twisted-19.10.0-150200.3.12.1, src):
- openSUSE Leap 15.4
- openSUSE Leap 15.3
- SUSE Manager Server 4.1
- SUSE Manager Retail Branch Server 4.1
- SUSE Manager Proxy 4.1
- SUSE Linux Enterprise Server for SAP 15-SP2
- SUSE Linux Enterprise Server 15-SP2-LTSS
- SUSE Linux Enterprise Server 15-SP2-BCL
- SUSE Linux Enterprise Module for Server Applications 15-SP3
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
- SUSE Enterprise Storage 7
This is a backport: the upstream version stays 19.10.0 and only the package release (150200.3.12.1) changes, so checking twisted.__version__ against 22.2.0 will not confirm the fix on these products; compare the installed package release instead.
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2117-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1196739
CVE References: CVE-2022-21716
JIRA References: none
Sources used (all python-Twisted-15.2.1-9.17.1, src):
- SUSE OpenStack Cloud Crowbar 9
- SUSE OpenStack Cloud Crowbar 8
- SUSE OpenStack Cloud 9
- SUSE OpenStack Cloud 8
- SUSE Linux Enterprise Module for Web Scripting 12
- HPE Helion Openstack 8
This is likewise a backport to the 15.2.1 code base; the package release 9.17.1 identifies the fixed build.
SUSE-SU-2022:2297-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1196739
CVE References: CVE-2022-21716
JIRA References: none
Sources used (all python-Twisted-22.2.0-150400.5.4.1, src):
- openSUSE Leap 15.4
- SUSE Linux Enterprise Module for Server Applications 15-SP4
On these products the package moves to upstream 22.2.0, the release that carries the fix.