Vulnerability CVE-2023-2283: Information
Description
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
libssh | sisyphus | 0.9.7-alt1 | 0.10.6-alt1 | ALT-PU-2023-4108-1 | 324287 | Fixed |
libssh | sisyphus_e2k | 0.10.5-alt1 | 0.10.6-alt1 | ALT-PU-2023-4192-1 | - | Fixed |
libssh | sisyphus_riscv64 | 0.10.5-alt1 | 0.10.6-alt1 | ALT-PU-2023-4216-1 | - | Fixed |
libssh | p10 | 0.9.7-alt1 | 0.10.6-alt1 | ALT-PU-2023-4094-2 | 324288 | Fixed |
libssh | p10_e2k | 0.10.5-alt1 | 0.10.6-alt1 | ALT-PU-2023-5088-1 | - | Fixed |
libssh | c10f1 | 0.10.5-alt1 | 0.10.6-alt1 | ALT-PU-2023-4685-3 | 326303 | Fixed |
libssh | c9f2 | 0.10.5-alt1 | 0.10.6-alt1 | ALT-PU-2023-4683-3 | 326302 | Fixed |