Gentoo: GLSA-202310-02 Critical: OpenSSH Buffer Overflow Vulnerability

November 7, 2019
A scheduled notification regarding a critical OpenSSH buffer overflow in Gentoo has been issued. Prompt updates are recommended to mitigate risk of potential vulnerabilities.
An integer overflow in OpenSSH might allow an attacker to execute arbitrary code.

Summary

OpenSSH, when built with "xmss" USE flag enabled, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. NOTE: This USE flag is disabled by default!

Resolution

All OpenSSH users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=net-misc/openssh-8.0_p1-r4"

References

[ 1 ] CVE-2019-16905 https://nvd.nist.gov/vuln/detail/CVE-2019-16905

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201911-01

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
critical

Severity: Normal
Title: OpenSSH: Integer overflow
Date: November 07, 2019
Bugs: #697046
ID: 201911-01

Synopsis

An integer overflow in OpenSSH might allow an attacker to execute arbitrary code.

Background

OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support.

Affected Packages

-------------------------------------------------------------------
     Package              /     Vulnerable     /          Unaffected
-------------------------------------------------------------------
  1  net-misc/openssh         >= 8.0_p1-r2             >= 8.0_p1-r4

Impact

A remote attacker could connect to a vulnerable OpenSSH server using a specially crafted XMSS key, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

Workaround

Disable XMSS key type.
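
To check whether a host is actually exposed, the version range and the "xmss" USE flag from this advisory can be read from Portage's installed-package database. The script below is an added example, not part of the GLSA or of Gentoo's tooling; the function names are hypothetical, and it assumes the default VDB location /var/db/pkg, a per-package USE file listing enabled flags, and OpenSSH versions of the form MAJOR.MINOR_pPATCH[-rREV].

```shell
#!/bin/sh
# Added example: triage installed OpenSSH builds against GLSA 201911-01.

# classify_openssh VERSION "USE FLAGS" -> one status word on stdout.
# Assumes Gentoo's MAJOR.MINOR_pPATCH[-rREV] version shape for net-misc/openssh.
classify_openssh() {
    flags=$(printf '%s' "$2" | tr '\t\n' '  ')
    case " $flags " in *" xmss "*) xmss=1 ;; *) xmss=0 ;; esac
    printf '%s\n' "$1" | awk -F'[._-]' -v xmss="$xmss" '
        function key(a, b, p, r) { return ((a * 1000 + b) * 1000 + p) * 1000 + r }
        !/^[0-9]+\.[0-9]+_p[0-9]+(-r[0-9]+)?$/ { print "unknown-version"; next }
        {
            sub(/^p/, "", $3); sub(/^r/, "", $4)
            k = key($1, $2, $3, $4)
            if (k >= key(8, 0, 1, 4))     print "patched"             # Unaffected: >= 8.0_p1-r4
            else if (k < key(8, 0, 1, 2)) print "below-listed-range"  # Vulnerable: >= 8.0_p1-r2
            else if (xmss)                print "affected"            # in range, xmss built in
            else                          print "in-range-xmss-disabled"
        }'
}

# Scan a Portage installed-package DB (assumed default: /var/db/pkg).
scan_vdb() {
    root=${1:-/var/db/pkg}; found=0
    for d in "$root"/net-misc/openssh-[0-9]*; do
        [ -d "$d" ] || continue
        found=1; ver=${d##*/openssh-}
        use=$(cat "$d/USE" 2>/dev/null || true)
        printf '%s %s\n' "$ver" "$(classify_openssh "$ver" "$use")"
    done
    [ "$found" -eq 1 ] || echo "not-installed"
}

# Constructed sample VDB (not real system data): an in-range build with xmss,
# an in-range build without it, and a fixed build.
demo() {
    tmp=$(mktemp -d) || return 1
    for spec in "8.0_p1-r3:pam ssl xmss" "8.0_p1-r2:pam ssl" "8.0_p1-r4:pam ssl xmss"; do
        mkdir -p "$tmp/net-misc/openssh-${spec%%:*}"
        printf '%s\n' "${spec#*:}" > "$tmp/net-misc/openssh-${spec%%:*}/USE"
    done
    scan_vdb "$tmp"
    rm -rf "$tmp"
}

if [ "${1:-}" = --demo ]; then demo; else scan_vdb "$@"; fi
```

Run with no arguments to scan the local system, or with --demo to see the three outcomes on the constructed tree.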
