Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 1 Jul 2024 18:35:23 +1000 (AEST)
From: Damien Miller <djm@...drot.org>
To: oss-security@...ts.openwall.com
Subject: Re: Announce: OpenSSH 9.8 released (fwd)


Date: Mon, 1 Jul 2024 18:21:11 +1000 (AEST)
From: Damien Miller <djm@...drot.org>
To: openssh-unix-dev@...drot.org
Subject: Re: Announce: OpenSSH 9.8 released
Message-ID: <d3d762aa-2fa4-3ec0-798c-f657ec914473@...drot.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII


Hi,

Regarding the race condition fixed in OpenSSH 9.8. A mitigation to
prevent exploitation of this bug is to disable the login grace timer
by setting LoginGraceTime=0 in sshd_config. This will however make
it much easier for an attacker to deny service to sshd.

Similarly, the much more minor keystroke timing bug can be avoided
by disabling the feature using ObscureKeystrokeTiming=0.

Some users will understandably prefer to patch their OpenSSH rather
than upgrade to the newest version, so here are minimal patches for
both problems.

1) Critical race condition in sshd

diff --git a/log.c b/log.c
index 9fc1a2e2e..191ff4a5a 100644
--- a/log.c
+++ b/log.c
@@ -451,12 +451,14 @@ void
 sshsigdie(const char *file, const char *func, int line, int showfunc,
     LogLevel level, const char *suffix, const char *fmt, ...)
 {
+#ifdef SYSLOG_R_SAFE_IN_SIGHAND
 	va_list args;
 
 	va_start(args, fmt);
 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
 	    suffix, fmt, args);
 	va_end(args);
+#endif
 	_exit(1);
 }
 
2) Minor logic error in ObscureKeystrokeTiming

diff --git a/clientloop.c b/clientloop.c
index 8ec36af94..6dcd6c853 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -608,8 +608,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout,
 		if (timespeccmp(&now, &chaff_until, >=)) {
 			/* Stop if there have been no keystrokes for a while */
 			stop_reason = "chaff time expired";
-		} else if (timespeccmp(&now, &next_interval, >=)) {
-			/* Otherwise if we were due to send, then send chaff */
+		} else if (timespeccmp(&now, &next_interval, >=) &&
+		    !ssh_packet_have_data_to_write(ssh)) {
+			/* If due to send but have no data, then send chaff */
 			if (send_chaff(ssh))
 				nchaff++;
 		}


Thanks,
Damien Miller

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.