OpenBSD Journal

OpenSSH Security Advisory

Contributed by jcr on from the subcafinated dept.

An OpenSSH Security Advisory (partially quoted below) was released a few hours ago. Markus Friedl (markus@) found and fixed the issue in this commit. The change has also been back-ported to OpenBSD 5.4, and OpenBSD 5.3 has been upgraded to OpenSSH 6.4 to fix this issue. Errata for OpenBSD 5.4 and OpenBSD 5.3 have been updated, and patches are available.

    A memory corruption vulnerability exists in the post-
    authentication sshd process when an AES-GCM cipher
    (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
    selected during kex exchange.

    If exploited, this vulnerability might permit code execution
    with the privileges of the authenticated user and may
    therefore allow bypassing restricted shell/command
    configurations.

Please read the entire OpenSSH Security Advisory since it contains more information and may be updated.

TL;DR... If in place patching is difficult, mitigating the issue by disabling the AES-GCM cipher on affected hosts is advisable.
To do so add:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc (note should be all decent ciphers minus aes-gcm) to /etc/ssh/sshd_config.

Then run SSHD to test the configuration: sudo /usr/sbin/sshd -T

In the output notice the ciphers line matches what you configured and no other configuration warnings are present. And then finally (to avoid outages) send the HUP signal to the root sshd process (ie. the one owned by root).

sudo pkill -HUP -lxf /usr/sbin/sshd

When successful you will see similar additions to /var/log/authlog:

Nov  8 12:02:13 fnord sshd[3995]: Received SIGHUP; restarting.
Nov  8 12:02:13 fnord sshd[2255]: Server listening on 0.0.0.0 port 22.
Nov  8 12:02:13 fnord sshd[2255]: Server listening on :: port 22.

(Comments are closed)


Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]