libssh-0.9.6-10.el8
Errata ID: AXSA:2023-6150:03
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Security Fix(es):
* libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
* libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-1667
A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
CVE-2023-2283
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function when memory allocation problems occur. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc`, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible`. The value of the variable is not changed between this point and the cryptographic verification. Therefore, any error between them calls `goto error`, returning SSH_OK.
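The return-value pattern described for CVE-2023-2283, shown as a simplified model beside a hardened form. This is an added example, not libssh's code: `check_hash_compatible`, `alloc_ctx`, `crypto_verify`, `alloc_ok`, `verify_flawed` and `verify_hardened` are hypothetical names, and the status codes are local stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>

/* Local stand-ins for the status codes named in the advisory. */
#define SSH_OK 0
#define SSH_ERROR (-1)

/* Hypothetical helpers for this model; none of them is a libssh function. */
static bool alloc_ok = true; /* false simulates memory exhaustion */
static int check_hash_compatible(void) { return SSH_OK; }
static void *alloc_ctx(void) { static int ctx; return alloc_ok ? &ctx : NULL; }
static int crypto_verify(void *ctx, bool sig_valid)
{ (void)ctx; return sig_valid ? SSH_OK : SSH_ERROR; }

/* Flawed: rc keeps SSH_OK from the compatibility check, so a failure before
 * the cryptographic verification leaves through `error` reporting success. */
int verify_flawed(bool sig_valid)
{
    int rc = SSH_ERROR;
    void *ctx;

    rc = check_hash_compatible();
    if (rc != SSH_OK) return SSH_ERROR;
    ctx = alloc_ctx();
    if (ctx == NULL) goto error;      /* rc is still SSH_OK here */
    rc = crypto_verify(ctx, sig_valid);
error:
    return rc;
}

/* Hardened: rc stays SSH_ERROR until the signature itself has verified. */
int verify_hardened(bool sig_valid)
{
    int rc = SSH_ERROR;
    void *ctx;

    if (check_hash_compatible() != SSH_OK) goto error;
    ctx = alloc_ctx();
    if (ctx == NULL) goto error;
    if (crypto_verify(ctx, sig_valid) == SSH_OK) rc = SSH_OK;
error:
    return rc;
}

int main(void)
{
    alloc_ok = false; /* constructed case: allocation fails, signature invalid */
    return (verify_flawed(false) == SSH_OK && verify_hardened(false) == SSH_ERROR) ? 0 : 1;
}
```

A code-review check that follows from this: any status variable reused for an intermediate call should be reset to the failure value before the next `goto error`, or the success value should be assigned only at the single point where verification has passed.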
Update packages.
SRPMS
- libssh-0.9.6-10.el8.src.rpm
MD5: f29261df0238ed687c4bac6c504026d8
SHA-256: 2868bfb1877232197b3ff822ba34f08c6047c98b6b7bf38f3b689cb8bac0a291
Size: 1.08 MB
Asianux Server 8 for x86_64
- libssh-0.9.6-10.el8.i686.rpm
MD5: 127c8a935743eb8bd1aaff2305652bdc
SHA-256: efd5b07ec7a552f9e9630f822a7b7a5903dc29d0528388a8f949f2b6dfb00559
Size: 237.53 kB
- libssh-0.9.6-10.el8.x86_64.rpm
MD5: 231662c6565e8b4ef1ee2d827059e9d9
SHA-256: d3ec0de353489262a231073a2fa1d6fbb310a0b3dda2dac53939abf7ec8f2364
Size: 217.37 kB
- libssh-config-0.9.6-10.el8.noarch.rpm
MD5: eb58b5865550f4b126d30816eb273793
SHA-256: 305dc9c432c6baeb46e2354b55219c4155c48ba8ce421f30b59f81b6029b3f1a
Size: 19.28 kB
- libssh-devel-0.9.6-10.el8.i686.rpm
MD5: 3687e10c56a673b2895f72b0d144b928
SHA-256: bb3e9f82ef61b557e544622ab1801737f2bd9536405c1bb9006e6f0b74d2bbe4
Size: 438.96 kB
- libssh-devel-0.9.6-10.el8.x86_64.rpm
MD5: b499bd2e5037d7829b1bdcc4a7678ae4
SHA-256: 0b8cb5b06e47f0003055894aaa752245e5532f4ee3b27596391b330acab51c23
Size: 438.93 kB