x/vulndb: potential Go vuln in std: CVE-2021-43565

[GoVulnBot]

CVE-2021-43565 references std, which may be a Go module.

Description:
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.

References:

• NIST: https://nvd.nist.gov/vuln/detail/CVE-2021-43565
• JSON: https://github.com/CVEProject/cvelist/tree/254b752b4038217c60cafb31ec8f874c04c64039/2021/43xxx/CVE-2021-43565.json
• web: https://groups.google.com/forum/#!forum/golang-announce
• web: https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs
• Imported by: https://pkg.go.dev/std?tab=importedby

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: std
    packages:
      - package: std
description: |
    The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
cves:
  - CVE-2021-43565
references:
  - web: https://groups.google.com/forum/#!forum/golang-announce
  - web: https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs

[gopherbot]

Change https://go.dev/cl/430358 mentions this issue: data/reports: add GO-2022-0968.yaml for CVE-2021-43565

[gopherbot]

Change https://go.dev/cl/432416 mentions this issue: data/reports: add ghsa for GO-2022-0968.yaml