Bug 1136104 - sshd crash with GSSAPIKeyExchange setting
Summary: sshd crash with GSSAPIKeyExchange setting
Status: RESOLVED FIXED
Duplicates: 1159097
Alias: None
Product: openSUSE Distribution
Classification: openSUSE
Component: Basesystem (show other bugs)
Version: Leap 15.1
Hardware: 64bit All
Priority: P2 - High
Severity: Normal (2 votes)
Target Milestone: ---
Assignee: E-mail List
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-05-23 15:54 UTC by Ralf Kölmel
Modified: 2023-05-30 10:41 UTC
CC List: 5 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
sshd_config (443 bytes, text/plain), 2019-05-23 15:54 UTC, Ralf Kölmel
sshd debug log (6.48 KB, text/plain), 2019-05-23 15:57 UTC, Ralf Kölmel
client ssh config (.ssh/config) (100 bytes, text/plain), 2019-05-27 11:06 UTC, Ralf Kölmel
ssh client debug log when the segfault is happening on the serverside (2.05 KB, text/plain), 2019-05-27 11:07 UTC, Ralf Kölmel
sshd stacktrace of worker thread in the segfault case (1.25 KB, text/x-log), 2019-05-28 15:02 UTC, Ralf Kölmel
Change for the openssh-7.7p1-gssapi_key_exchange.patch (621 bytes, patch), 2019-05-31 13:58 UTC, Vítězslav Čížek

Description Ralf Kölmel 2019-05-23 15:54:12 UTC
Created attachment 805870
sshd_config

In the current openSUSE Leap 15.1 the sshd (Version 7.9p1-lp151.3.4) is reproducibly crashing with a set GSSAPIKeyExchange option during unprivileged user login with different authentication methods (public key, password or Kerberos key forwarding).
If the option is set to no, which is default, sshd is working.
The setup is working under openSUSE Leap 15.0.
Comment 1 Ralf Kölmel 2019-05-23 15:57:15 UTC
Created attachment 805871
sshd debug log
Comment 2 Ralf Kölmel 2019-05-27 11:06:06 UTC
Created attachment 806051
client ssh config (.ssh/config)

The "segfault" is "only" occurring if a Kerberos context with a forwardable ticket is present on the client side and the client ssh config (see config) requests ticket forwarding. Furthermore it must be combined with an NFSv4 Kerberos mount point on the server side.
Without NFSv4 the ticket forwarding for krbtgt is working without segfault. Then authentication with gssapi-with-mic is used.
If I use the openssh 7.6p1 package from openSUSE 15.0 for the new 15.1 release, the bug is not happening.
I increase the priority, because in my opinion ticket forwarding and usage of NFSv4 with Kerberos is a common case in a Kerberos setup with single sign-on.
Comment 3 Ralf Kölmel 2019-05-27 11:07:28 UTC
Created attachment 806053
ssh client debug log when the segfault is happening on the serverside
Comment 5 Vítězslav Čížek 2019-05-28 12:30:52 UTC
Could you also please provide the core file?
Comment 6 Ralf Kölmel 2019-05-28 15:02:33 UTC
Created attachment 806234
sshd stacktrace of worker thread in the segfault case

The segfault in the child thread of the sshd doesn't produce a core.
Maybe some signal handler catches the segfault. Instead I've appended a gdb stacktrace of the segfault.
Comment 7 Vítězslav Čížek 2019-05-31 11:29:32 UTC
I haven't tried reproducing the issue, but I think I see the problem.

openssh-7.7p1-gssapi_key_exchange.patch is wrong.
A bug got introduced there while porting the patch to OpenSSL 1.1.

In kexgsss.c
 81        const BIGNUM *p, *g, *pub_key;
[...]
124                 dh = PRIVSEP(choose_dh(min, nbits, max));
125                 if (dh == NULL)
126                         packet_disconnect("Protocol error: no matching group found");
127 
128                 DH_set0_pqg(dh, &p, NULL, &g);           
129                 packet_start(SSH2_MSG_KEXGSS_GROUP);
130                 packet_put_bignum2((BIGNUM *)p);
131                 packet_put_bignum2((BIGNUM *)g);

DH_set0_pqg() on line 128 should be DH_get0_pqg() instead.

The current code tries to retrieve the values of p and g from dh in order to send them over the wire with the packet_put_bignum2() right below.

But instead of getting the values from dh, it actually sets dh->p and dh->g to uninitialized values which causes the eventual crash in openssl's BN_num_bits.
Comment 8 Vítězslav Čížek 2019-05-31 11:35:49 UTC
Ralf,
would you mind testing the openssh packages from https://build.opensuse.org/package/show/home:vitezslav_cizek:branches:network/openssh?

You can download the Leap 15.1 packages from https://download.opensuse.org/repositories/home:/vitezslav_cizek:/branches:/network/openSUSE_Leap_15.1/ or you could also build them yourself from the OBS project.
Comment 9 Ralf Kölmel 2019-05-31 12:16:38 UTC
Dear Vítězslav,
I've tested with your openssh packages (openssh-7.9p1-lp151.234.1.x86_64.rpm ...) and I couldn't reproduce the segfault in my tests.
Your patch fixes the problem.
Thank you for your investigation.
Comment 10 Vítězslav Čížek 2019-05-31 13:31:26 UTC
Thanks for the quick testing, Ralf.
I've submitted the fixed package to Factory.

Hans-Peter,
please take care of fixing SLE-15-SP1.
Comment 11 Vítězslav Čížek 2019-05-31 13:56:52 UTC
Affects SLE-15-SP1/Factory only.

It is however a kinda nasty bug.
Given that the dh->p and dh->g parameters are essentially replaced by uninitialized data from the stack, one should assume the possibility that sometimes the server won't crash, but it'll negotiate these weak (random) dh parameters with the client instead.
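Added example (not OpenSSH code and not part of this bug report): a client-side check for the SSH2_MSG_KEXGSS_GROUP message that refuses a group unless p is a safe prime of the requested size and g lies in 2..p-2, which is exactly what uninitialised stack data standing in for dh->p and dh->g would fail. It assumes the RFC 4462 message number and RFC 4251 mpint encoding; the primality test is stricter than a plain size check and illustrates the weak-parameter concern raised in Comment 11 from the receiving side.

```python
import random
import struct

SSH_MSG_KEXGSS_GROUP = 41  # message number defined in RFC 4462

def encode_mpint(n):
    # RFC 4251 mpint: uint32 length, then big-endian bytes with a leading 0x00 if the MSB is set
    raw = b"" if n == 0 else n.to_bytes(n.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def parse_mpint(buf, off):  # returns (value, offset just past the mpint)
    (n,) = struct.unpack_from(">I", buf, off)
    raw = buf[off + 4:off + 4 + n]
    if len(raw) != n:
        raise ValueError("truncated mpint")
    return int.from_bytes(raw, "big", signed=True), off + 4 + n

def parse_kexgss_group(payload):
    # Server's reply to KEXGSS_GROUPREQ: byte type, mpint p, mpint g (RFC 4462)
    if not payload or payload[0] != SSH_MSG_KEXGSS_GROUP:
        raise ValueError("not a KEXGSS_GROUP message")
    p, off = parse_mpint(payload, 1)
    g, off = parse_mpint(payload, off)
    if off != len(payload):
        raise ValueError("trailing bytes after g")
    return p, g

def is_probable_prime(n, rounds=40):  # Miller-Rabin
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def group_is_acceptable(p, g, min_bits=2048, max_bits=8192):
    # Accept only a safe prime p of the negotiated size and a generator g in 2..p-2
    if not (min_bits <= p.bit_length() <= max_bits) or not (2 <= g <= p - 2):
        return False
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)
```

The 2048 and 8192 bit defaults are an assumption for illustration; a real client should use the bounds it sent in KEXGSS_GROUPREQ, and the small safe primes used for testing (for example 1019) are only there to keep the check fast.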
Comment 12 Vítězslav Čížek 2019-05-31 13:58:40 UTC
Created attachment 806544
Change for the openssh-7.7p1-gssapi_key_exchange.patch
Comment 16 Swamp Workflow Management 2019-06-21 13:17:12 UTC
SUSE-RU-2019:1633-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 1136104
CVE References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    openssh-7.9p1-6.3.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    openssh-7.9p1-6.3.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    openssh-askpass-gnome-7.9p1-6.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    openssh-7.9p1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2019-07-19 19:15:21 UTC
openSUSE-RU-2019:1729-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 1136104
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    openssh-7.9p1-lp151.4.3.1, openssh-askpass-gnome-7.9p1-lp151.4.3.1
Comment 18 Hans Petter Jansson 2019-07-22 22:52:50 UTC
Code changes have been submitted; reassigning to maint-coord.
Comment 19 Marcus Meissner 2020-04-01 07:54:23 UTC
seems fixed
Comment 20 Frank Scheiner 2020-05-07 14:26:05 UTC
*** Bug 1159097 has been marked as a duplicate of this bug. ***