OpenSSH 7.1p2 released with security fix for CVE-2016-0777

Published: 2016-01-14
Last Updated: 2016-01-17 19:34:38 UTC
by Brad Duncan (Version: 1)
1 comment(s)

2016-01-14: Updated to show this is not as serious as previous vulnerabilities like Heartbleed.

OpenSSH 7.1p2 has been released with a security fix for a vulnerability recently assigned to CVE-2016-0777 [1].  CVE 2016-0777 is a client information leak that could leak private keys to a malicious server.  A workaround is available for previous versions of OpenSSH [2]. 

Early reports from Redhat [3] and the OpenBSD Journal [4] provide some details some details on this vulnerability.

From the Redhat press release:

Since version 5.4, the OpenSSH client supports an undocumented feature called roaming.  If a connection to an SSH server breaks unexpectedly, and if the server supports roaming as well, the client is able to reconnect to the server and resume the interrupted SSH session.  The roaming feature is enabled by default in OpenSSH clients, even though no OpenSSH server version implements the roaming feature.

An information leak flaw was found in the way OpenSSH client roaming feature was implemented.  The information leak is exploitable in the default configuration of certain versions of the OpenSSH client and could (depending on the client's version, compiler, and operating system) allow a malicious SSH server to steal the client's private keys.

This bug has similarities to the 2014 Heartbleed vulnerability that affected the OpenSSL crypto library.  Heartbleed was much more serious, because the bug made it possible for anyone with moderate hacking skills to exploit any website using OpenSSL.  By contrast, the OpenSSH bug can only be exploited after a vulnerable end user connects to a maliciously-configured server [5].

Thanks David, for the tipper!

References:

[1] http://www.openssh.com/txt/release-7.1p2
[2] http://marc.info/?l=openbsd-tech&m=145278077820529&w=2
[3] https://access.redhat.com/articles/2123781
[4] http://undeadly.org/cgi?action=article&sid=20160114142733
[5] http://arstechnica.com/security/2016/01/bug-that-can-leak-crypto-keys-just-fixed-in-widely-used-openssh/

Keywords:
1 comment(s)

Comments

The Qualys advisory with exploit is out now:
https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt

Diary Archives