Thursday 14 January 2016

A serious bug with SSH that requires immediate action

Two issues have been identified in OpenSSH (CVE-2016-0777 and CVE-2016-0778). Theo de Raadt gave us a heads up in a mailing list posting earlier today.
More or less, you will need to add the option UseRoaming no to your /etc/ssh/ssh_config file (or your user's ~/.ssh/config), or start your SSH client with -oUseRoaming=no on the command line. Adding the option to the config file can be done with a single command:

# printf 'Host *\nUseRoaming no\n' >> /etc/ssh/ssh_config

This is basically a workaround until you are able to patch all affected systems.
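As an added example (not part of the original post), here is a small POSIX shell helper that checks whether a client config already disables roaming and appends the workaround block only when it is actually needed. It assumes the ssh_config rules that the first obtained value for an option wins and that a value under a specific Host block applies only to that host; the file path is whatever the caller passes in.

```shell
#!/bin/sh
# Added example: look for a *global* UseRoaming line (before any Host line
# or under a bare "Host *") and report its value. ssh_config uses the first
# obtained value per option, so the first global line decides.

# roaming_status FILE -> prints "disabled", "enabled" or "unset"
roaming_status() {
    val=$(awk '
        BEGIN { host = "*" }                      # no Host yet means global
        /^[ \t]*(#|$)/ { next }                   # skip comments and blanks
        {
            low = tolower($0)
            sub(/^[ \t]+/, "", low); sub(/[ \t]+$/, "", low)
            if (low ~ /^host([ \t]|=)/) {         # a new Host block starts
                sub(/^host[ \t=]+/, "", low)
                host = low                        # "*" only for a bare Host *
                next
            }
            if (host == "*" && low ~ /^useroaming([ \t]|=)/) {
                sub(/^useroaming[ \t=]+/, "", low)
                split(low, f, /[ \t]+/)           # drop a trailing comment
                print f[1]; exit                  # first value wins
            }
        }' "$1")
    case "$val" in
        no)  echo disabled ;;
        yes) echo enabled ;;
        *)   echo unset ;;
    esac
}

# disable_roaming FILE -> appends "Host *" / "UseRoaming no" when unset.
# Returns 1 if a global "UseRoaming yes" already exists: an appended block
# can never override an earlier value, so that line must be edited instead.
disable_roaming() {
    case "$(roaming_status "$1")" in
        disabled) return 0 ;;
        enabled)
            echo "$1: a global 'UseRoaming yes' comes first; edit it in place" >&2
            return 1 ;;
    esac
    # Ensure the file ends with a newline so "Host *" starts its own line.
    if [ -s "$1" ] && [ -n "$(tail -c 1 "$1")" ]; then
        printf '\n' >> "$1"
    fi
    printf 'Host *\nUseRoaming no\n' >> "$1"
}
```

Run roaming_status against each file you manage to confirm the directive really is in effect, not just present somewhere in the file.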

What is the problem?
SSH roaming lets a client resume an SSH connection that broke unexpectedly at a later time, provided the server also supports it. The OpenSSH server doesn't support roaming, but the OpenSSH client does (even though it's not documented), and it's enabled by default.
  • CVE-2016-0777
    An information leak (memory disclosure) can be exploited by a rogue SSH server to trick a client into leaking sensitive data from client memory, including, for example, private keys.
  • CVE-2016-0778
    A buffer overflow (leading to a file descriptor leak) can also be exploited by a rogue SSH server, but, due to another bug in the code, it is possibly not exploitable, and only under certain non-default conditions: when ProxyCommand, ForwardAgent or ForwardX11 is in use.

At the moment:
  • This affects OpenSSH versions 5.4 through 7.1.
  • Errata patches for 5.8 and 5.7 have been published.
  • Portable OpenSSH 7.1p2 has been released.
  • Fixed versions are available for OpenBSD snapshots dated 2016-01-12 and later. M:Tier has binpatches for OpenBSD 5.7-stable and 5.8-stable. Debian, Ubuntu, RHEL, and many other Linux distros have it now or will soon.
  • Read the Debian announcement for further information.
In case you need more information, Qualys Security has posted their full report.
