CNNVD-202508-291 Information

CNNVD ID

CNNVD-202508-291

Related CVE

CVE-2025-54804

• CNNVD Published: 2025-08-05

Description (Chinese)

Russh是Eugene个人开发者的一个 Rust SSH 客户端和服务器端库。 Russh 0.54.0及之前版本存在安全漏洞，该漏洞源于SSH协议通道窗口调整消息处理不当，可能导致整数溢出。

Description (English)

Russh is a Rust SSH client and server terminal of Eugene’s personal developer. Russh 0.54.0 and previous versions had a security loophole, which stemmed from the mishandling of the SSH protocol channel window adjusting messages, which could result in an integer spill.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-05

Last Modified

2026-02-24

References

https://github.com/Eugeny/russh/commit/0eb5e406780890e21ff71dd25d731b30676478e5 https://github.com/Eugeny/russh/security/advisories/GHSA-h5rc-j5f5-3gcm

Patch

https://github.com/Eugeny/russh/releases