Bug 31503

Summary: openssh new double free security issue (CVE-2023-25136)
Product: Mageia
Reporter: David Walser <luigiwalser>
Component: Security
Assignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED
QA Contact: Sec team <security>
Severity: normal
Priority: Normal
CC: nicolas.salguero
Version: Cauldron
Target Milestone: ---
Hardware: All
OS: Linux
Whiteboard:
Source RPM: openssh-9.1p1-1.mga9.src.rpm
CVE:
Status comment: Fixed upstream in 9.2p1

Description David Walser 2023-02-03 01:43:27 CET
OpenSSH 9.2 has been announced, fixing a security issue introduced in 9.1:
https://www.openwall.com/lists/oss-security/2023/02/02/2
https://www.openwall.com/lists/oss-security/2023/02/02/3

David Walser 2023-02-03 01:43:37 CET

Status comment: (none) => Fixed upstream in 9.2p1

Comment 1 David Walser 2023-02-06 14:28:08 CET
This has a CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25136

Summary: openssh new double free security issue => openssh new double free security issue (CVE-2023-25136)

Comment 2 Nicolas Salguero 2023-03-10 16:18:42 CET
Hi,

openssh-9.1p1-2.mga9 contains an upstream patch that should fix that issue.

Best regards,

Nico.

CC: (none) => nicolas.salguero

Comment 3 David Walser 2023-03-10 16:24:32 CET
Thanks.

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 4 David Walser 2023-04-18 13:46:23 CEST
Fedora has issued an advisory for this on April 18:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R7LKQDFZWKYHQ65TBSH2X2HJQ4V2THS3/

Apparently they had backported the introduction of the issue to 8.8p1 so they had to backport the fix. Hopefully we haven't also done the former.

Comment 5 Guillaume Rousse 2023-04-21 21:39:49 CEST
We have version 8.4p1 in Mageia 8, and I can't find any trace of the offending code, so I think it's safe to assume we're not affected.