Bug 32660

Summary: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack): libssh
Product: Mageia Reporter: papoteur <yvesbrungard>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, herman.viaene, marja11, sysadmin-bugs
Version: 9Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
Whiteboard: MGA9-64-OK
Source RPM: libssh-0.10.5 CVE: CVE-2023-6004 CVE-2023-6918 CVE-2023-48795
Status comment:
Bug Depends on:    
Bug Blocks: 32641    

Description papoteur 2023-12-28 12:36:16 CET 
Description of problem:
See main report  in bug 32641

Version affected : libssh 0.10.5
papoteur 2023-12-28 12:37:56 CET

CVE: (none) => CVE-2023-6004 CVE-2023-6918 CVE-2023-48795
Source RPM: libssh-0.10.5CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack): => libssh-0.10.5
URL: (none) => https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
QA Contact: (none) => security
Component: RPM Packages => Security

Comment 1 papoteur 2023-12-28 12:41:41 CET 
Affected packages:
urpmq --whatrequires lib64ssh4
cockpit-bridge
codelite
cryptsetup-ssh-token
hydra
kdebase4-runtime
kio-extras
krdc
lib64curl4
lib64virt0
qemu-block-ssh
remmina
sshtrix
wireshark-tools
x2goclient
Comment 2 papoteur 2023-12-28 12:44:58 CET 
Source:
libssh-0.10.6-1.mga9
RPMS:
lib64ssh-devel-0.10.6-1.mga9
lib64ssh4-0.10.6-1.mga9

Assignee: yvesbrungard => qa-bugs

papoteur 2023-12-28 13:47:13 CET

Blocks: (none) => 32641

Comment 3 Herman Viaene 2023-12-28 17:32:08 CET 
MGA9-64 Plasma Wayland on HP Pavillion
No installation issues
Used hydra to test connection to postgres database on my desktop PC and got output:
Hydra v9.5 (c) 2023 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-12-28 17:29:12
[DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking postgres://mach1:5432/
1 of 1 target completed, 0 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-12-28 17:29:13
<finished>

Looks gooe to me

Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene

Comment 4 Marja Van Waes 2023-12-28 21:57:36 CET 
Advisory with SRPM from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete"

Keywords: (none) => advisory
CC: (none) => marja11

Comment 5 Thomas Andrews 2023-12-29 01:44:14 CET 
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 6 Mageia Robot 2023-12-29 18:17:55 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0357.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Nicolas Salguero 2024-01-19 16:12:02 CET

Blocks: (none) => 32748

Nicolas Salguero 2024-01-19 16:16:44 CET

Blocks: 32748 => (none)