Bug 32660 - CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack): libssh
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: https://www.libssh.org/2023/12/18/lib...
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks: 32641
Reported: 2023-12-28 12:36 CET by papoteur
Modified: 2024-01-19 16:16 CET

See Also:
Source RPM: libssh-0.10.5
CVE: CVE-2023-6004 CVE-2023-6918 CVE-2023-48795
Status comment:


Description papoteur 2023-12-28 12:36:16 CET
Description of problem:
See main report in bug 32641

Version affected : libssh 0.10.5
papoteur 2023-12-28 12:37:56 CET

CVE: (none) => CVE-2023-6004 CVE-2023-6918 CVE-2023-48795
Source RPM: libssh-0.10.5CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack): => libssh-0.10.5
URL: (none) => https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
QA Contact: (none) => security
Component: RPM Packages => Security

Comment 1 papoteur 2023-12-28 12:41:41 CET
Affected packages:
urpmq --whatrequires lib64ssh4
cockpit-bridge
codelite
cryptsetup-ssh-token
hydra
kdebase4-runtime
kio-extras
krdc
lib64curl4
lib64virt0
qemu-block-ssh
remmina
sshtrix
wireshark-tools
x2goclient
Comment 2 papoteur 2023-12-28 12:44:58 CET
Source:
libssh-0.10.6-1.mga9
RPMS:
lib64ssh-devel-0.10.6-1.mga9
lib64ssh4-0.10.6-1.mga9

Assignee: yvesbrungard => qa-bugs

papoteur 2023-12-28 13:47:13 CET

Blocks: (none) => 32641

Comment 3 Herman Viaene 2023-12-28 17:32:08 CET
MGA9-64 Plasma Wayland on HP Pavilion
No installation issues
Used hydra to test connection to postgres database on my desktop PC and got output:
Hydra v9.5 (c) 2023 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-12-28 17:29:12
[DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking postgres://mach1:5432/
1 of 1 target completed, 0 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-12-28 17:29:13
<finished>

Looks good to me

Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene

Comment 4 Marja Van Waes 2023-12-28 21:57:36 CET
Advisory with SRPM from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete".

Keywords: (none) => advisory
CC: (none) => marja11

Comment 5 Thomas Andrews 2023-12-29 01:44:14 CET
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 6 Mageia Robot 2023-12-29 18:17:55 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0357.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Nicolas Salguero 2024-01-19 16:12:02 CET

Blocks: (none) => 32748

Nicolas Salguero 2024-01-19 16:16:44 CET

Blocks: 32748 => (none)
