Version v0.0.0-20211202192323-5770296d904e of golang.org/x/crypto fixes a vulnerability in the golang.org/x/crypto/ssh package which allowed unauthenticated clients to cause a panic in SSH servers. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains empty plaintext causes a panic, due to the assumption that there will always be at least one byte, containing the number of padding bytes.
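The failure mode described above, shown as an added example rather than the golang.org/x/crypto code itself: a parser that reads the padding-length byte of a decrypted packet without a length check, beside one that validates first. The function names are hypothetical, and the four-byte minimum padding rule is taken from RFC 4253.

```go
package main

import (
	"errors"
	"fmt"
)

// uncheckedPayload (hypothetical) mirrors the flawed assumption: it reads the
// padding-length byte without confirming the plaintext has any bytes at all.
func uncheckedPayload(plain []byte) []byte {
	padding := int(plain[0]) // index out of range panic when len(plain) == 0
	return plain[1 : len(plain)-padding]
}

// checkedPayload (hypothetical) validates the plaintext before indexing it.
func checkedPayload(plain []byte) ([]byte, error) {
	if len(plain) == 0 {
		return nil, errors.New("empty packet")
	}
	padding := int(plain[0])
	if padding < 4 { // RFC 4253 requires at least four bytes of padding
		return nil, fmt.Errorf("illegal padding %d", padding)
	}
	if padding+1 >= len(plain) { // padding must leave room for a payload
		return nil, fmt.Errorf("padding %d too large", padding)
	}
	return plain[1 : len(plain)-padding], nil
}

// panics reports whether calling f triggers a runtime panic.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	// Constructed input: a decrypted packet with zero bytes of plaintext.
	fmt.Println("unchecked panics:", panics(func() { uncheckedPayload(nil) }))
	_, err := checkedPayload(nil)
	fmt.Println("checked returns:", err)
}
```

In a server, the checked form turns the malformed packet into an ordinary connection error instead of a process-wide panic.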
https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs/m/9LAF9FxvBwAJ
https://github.com/golang/go/issues/49932
https://go-review.googlesource.com/c/crypto/+/368814/
https://github.com/golang/crypto/commit/5770296d904e90f15f38f77dfc2e43fdf5efc083