144 lines
5.2 KiB
Text
144 lines
5.2 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-SA-13:14.openssh Security Advisory
|
|
The FreeBSD Project
|
|
|
|
Topic: OpenSSH AES-GCM memory corruption vulnerability
|
|
|
|
Category: contrib
|
|
Module: openssh
|
|
Announced: 2013-11-19
|
|
Revised: 2013-11-28
|
|
Affects: FreeBSD 10.0-BETA
|
|
Corrected: 2013-11-19 09:35:20 UTC (stable/10, 10.0-STABLE)
|
|
2013-11-19 09:35:20 UTC (stable/10, 10.0-BETA3-p1)
|
|
2013-11-19 09:35:20 UTC (stable/10, 10.0-BETA2-p1)
|
|
2013-11-19 09:35:20 UTC (stable/10, 10.0-BETA1-p2)
|
|
CVE Name: CVE-2013-4548
|
|
|
|
For general information regarding FreeBSD Security Advisories,
|
|
including descriptions of the fields above, security branches, and the
|
|
following sections, please visit <URL:http://security.FreeBSD.org/>.
|
|
|
|
0. Revision History
|
|
|
|
v1.0 2013-11-19 Initial release.
|
|
v1.1 2013-11-28 Corrected path to sshd_config.
|
|
|
|
I. Background
|
|
|
|
OpenSSH is an implementation of the SSH protocol suite, providing an
|
|
encrypted and authenticated transport for a variety of services,
|
|
including remote shell access.
|
|
|
|
AES-GCM (Galois/Counter Mode) is a mode of operation for AES block
|
|
cipher that combines the counter mode of encryption with the Galois
|
|
mode of authentication which can offer throughput rates for state of
|
|
the art, high speed communication channels.
|
|
|
|
OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.
|
|
|
|
II. Problem Description
|
|
|
|
A memory corruption vulnerability exists in the post-authentication sshd
|
|
process when an AES-GCM cipher (aes128-gcm@openssh.com or
|
|
aes256-gcm@openssh.com) is selected during key exchange.
|
|
|
|
III. Impact
|
|
|
|
If exploited, this vulnerability might permit code execution with the
|
|
privileges of the authenticated user, thereby allowing a malicious
|
|
user with valid credentials to bypass shell or command restrictions
|
|
placed on their account.
|
|
|
|
IV. Workaround
|
|
|
|
Disable AES-GCM in the server configuration. This can be accomplished by
|
|
adding the following /etc/ssh/sshd_config option, which will disable
|
|
AES-GCM while leaving other ciphers active:
|
|
|
|
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc
|
|
|
|
Systems not running the OpenSSH server daemon (sshd) are not affected.
|
|
|
|
V. Solution
|
|
|
|
Perform one of the following:
|
|
|
|
1) Upgrade your vulnerable system to a supported FreeBSD stable or
|
|
release / security branch (releng) dated after the correction date.
|
|
|
|
2) To update your vulnerable system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch http://security.FreeBSD.org/patches/SA-13:14/openssh.patch
|
|
# fetch http://security.FreeBSD.org/patches/SA-13:14/openssh.patch.asc
|
|
# gpg --verify openssh.patch.asc
|
|
|
|
b) Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
Recompile the operating system using buildworld and installworld as
|
|
described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>.
|
|
|
|
Restart the sshd daemon, or reboot the system.
|
|
|
|
3) To update your vulnerable system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/10/ r258335
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548>
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-13:14.openssh.asc>
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQIcBAEBCgAGBQJSl+hmAAoJEO1n7NZdz2rnHMYP/3yEQldDKONpQ1zS5YfDyVwO
|
|
wRBTgxMST7ozg/y7/xBA9FIpdRB8fJOgijKKVQv02MCN5xM5mXexxZAu1X3gcWls
|
|
v8Tf1YogR0IzLKzFDYYqZ/gWg/5vK1ALzPbHRSmDYivUSOyJftvDNFzPZnFp4DsI
|
|
U30OGxBfLSOvvX5XNGSixmILzv5DLxe7ThGa36oIZCKUAXSrNm79NfGiI0EvXK2Y
|
|
R3nTjdd5r5F5/K5S59BMmAmKCGIqsTJ/jeICKe49VUK+YyD+Wmr0gohhU6bmENWM
|
|
aXAD9em+uKGZnlqBUr5YC4vv8NHWuhOTWfl1CTDH4QhFOP+hiJt2w4EvGYORL1R/
|
|
2VDmFtiiPeebi7ECSTOSudx/xGvycpnUspw4T/b+H+kGar1ZvHpwqRYDC/Wla5Vq
|
|
Uzi7uIWTdJieLQXRERTln8mtehYmfHurlu1Mltb0v35vkSyUV5V6RjtxRAi0sWbj
|
|
w1A0lpDga1lom1FI5JTsiGtwV8A3MbmFKLuK7EUQf8I8lS80SptJNMMTkzYeW/Zy
|
|
jVqSj63Ns3WaDeHMURYfxf2ppb3meBX+Tw0glTBFJlE46c/sZ01zmcM0q1jQk5Vn
|
|
nHZgnGTKsCqR1VlnARdDicfa3VVhcPxeUkGEALZv1m31jA0AYG7BeAX9pvoQoOGK
|
|
1Oeu9j2MeszutBto6gqh
|
|
=6vNc
|
|
-----END PGP SIGNATURE-----
|