Bugzilla – Bug 1218127
VUL-0: CVE-2023-48795: libssh2_org: prefix truncation breaking ssh channel integrity
Last modified: 2024-01-08 14:53:59 UTC
(In reply to Marcus Meissner from comment #2) > - libssh2.org (aka libssh2_org): does not implement chacha20-poly1305 cipher > in > the newest release 1.11.0. ETM MACs were only implemented in 1.11.0, > so version before 1.11.0 are not affected. > > No SLES versions is currently affected, openSUSE Factory is affected. I agree that versions before 1.11.0 are not affected But we have 1.11.0 in SLE12-SP5 and SLE15_Update so I will prepare fixes for these codestreams.
https://terrapin-attack.com/ is public
Submitted here: SLE12-SP5: 315940 SLE15: 315941 I reverted patch 0048f3060ecc008d5a04095ca48f5c0421e66c08 that introduced ETM MACs. Also I checked ABI/API compatibility and it's compatible even when above commit is reverted.
I referenced invalid bug number in changelog so I resubmitted it: SLE12-SP5: 315940 -> 315965 SLE15: 315941 -> 315966
upstream is working on a fix, PR is in review: https://github.com/libssh2/libssh2/pull/1291 I would wait for this upstream fix
Upstream merged above PR SLE12-SP5: 315989 SLE15: 315990 Factory (devel project): 1134032
Factory: 1134106 ALP: 316033 In SLE15-SP6 it's inherited from SLE15, so everything should be fixed now.
SUSE-SU-2023:4946-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1218127 CVE References: CVE-2023-48795 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): libssh2_org-1.11.0-29.9.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): libssh2_org-1.11.0-29.9.1 SUSE Linux Enterprise Server 12 SP5 (src): libssh2_org-1.11.0-29.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): libssh2_org-1.11.0-29.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
All requests accepted, assigning back to security team.
SUSE-SU-2024:0006-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1218127 CVE References: CVE-2023-48795 Sources used: openSUSE Leap Micro 5.3 (src): libssh2_org-1.11.0-150000.4.22.1 openSUSE Leap Micro 5.4 (src): libssh2_org-1.11.0-150000.4.22.1 openSUSE Leap 15.4 (src): libssh2_org-1.11.0-150000.4.22.1 openSUSE Leap 15.5 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro for Rancher 5.3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro 5.3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro 5.4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro 5.5 (src): libssh2_org-1.11.0-150000.4.22.1 Basesystem Module 15-SP4 (src): libssh2_org-1.11.0-150000.4.22.1 Basesystem Module 15-SP5 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Real Time 15 SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Manager Proxy 4.3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Manager Retail Branch Server 4.3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Manager Server 4.3 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Enterprise Storage 7.1 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE CaaS Platform 4.0 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro 5.1 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro 5.2 (src): libssh2_org-1.11.0-150000.4.22.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): libssh2_org-1.11.0-150000.4.22.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done