Hi,

I reported a bug against the Debian distribution, but it might be more useful to report it here.

Via fuzzing I discovered a key which will cause the ssh-keygen process to segfault when fingerprinting via:

  ssh-keygen -l -f bogus.key

This segfault is a NULL pointer dereference, and is a denial of service attack if you run a service which allows SSH keys to be uploaded and display their fingerprints. (I run such a service. Oops.)

There is a simple patch which I've posted in the bug report which fixes the problem for me, but probably needs more eyes. This is the patch:

--- sshkey.c.orig 2015-10-13 22:42:26.178252307 +0300 +++ sshkey.c 2015-10-13 22:42:58.781080815 +0300 @@ -1198,6 +1198,9 @@ bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8) return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */ + if ( ret->rsa == NULL ) + return SSH_ERR_INVALID_FORMAT; + /* Get public exponent, public modulus. */ if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0) return r;

The crasher can be found in the bug-report (note there are two, the second is easier to deal with):

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801530

I'm not a member of the list, but I'll keep an eye out for updates, via the archives, for the next few days in case there are questions.

Steve
-- 
http://www.steve.org.uk/
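Review bot: the new `if ( ret->rsa == NULL )` guard returns SSH_ERR_INVALID_FORMAT, the same code the preceding line uses for a bad bit count, so a caller cannot tell a malformed key file from a key object that simply has no RSA member; if the NULL really can only come from the caller handing in a non-RSA1 key, a distinct error (or at least a comment above the check saying when ret->rsa is NULL) would make the failure diagnosable. The guard also sits after the bit-count parse, so `bits` is read and range-checked before the function discovers it has nowhere to put the result; moving the check to the top of this branch avoids that. Style: OpenSSH has no spaces inside the parentheses, so write `if (ret->rsa == NULL)`.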
On Thu, 15 Oct 2015, Steve Kemp wrote:

> Hi,
>
> I reported a bug against the Debian distribution,
> but it might be more useful to report it here.
>
> Via fuzzing I discovered a key which will cause
> the ssh-keygen process to segfault when fingerprinting
> via:
>
> ssh-keygen -l -f bogus.key

Could you please share the key that causes this problem?

Thanks,
Damien
> > Via fuzzing I discovered a key which will cause
> > the ssh-keygen process to segfault when fingerprinting
> > via:
> >
> > ssh-keygen -l -f bogus.key
>
> Could you please share the key that causes this problem?

The key was attached to the referenced bug report, but please find attached a copy to this mail. Usage is:

  $ gunzip crash.min.pub.gz
  $ ssh-keygen -l -f ./crash.min.pub
  Segmentation fault

(It also crashes when running "ssh -i x.pub user@host", but that's less interesting.)

Steve
-- 
http://www.steve.org.uk/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: crash.min.pub.gz
Type: application/gzip
Size: 41 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20151015/a4dce1b0/attachment.bin>
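To make the bug class and the guard from the posted patch concrete, here is an added toy example written for this page, not code from OpenSSH's sshkey.c: a small C reader for the RSA1 public-key line format ("<bits> <e> <n> [comment]") that keeps the order of checks in the patched hunk. It assumes the rsa pointer is NULL because the key object was created with a type other than RSA1 (the thread does not say why ret->rsa is NULL), uses made-up values for SSH_ERR_INVALID_FORMAT, SSH_ERR_ALLOC_FAIL and SSHBUF_MAX_BIGNUM, and stores the bignums as decimal strings instead of OpenSSL BIGNUMs. The key line in main() is constructed, not the attached crash.min.pub.

```c
/* Added example, not OpenSSH code: toy RSA1 public-key line reader with the
 * NULL-rsa guard from the thread.  Values below are assumed, not OpenSSH's. */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SSH_ERR_INVALID_FORMAT (-4)   /* assumed value; name as in the patch */
#define SSH_ERR_ALLOC_FAIL     (-2)   /* assumed value */
#define SSHBUF_MAX_BIGNUM      16384  /* assumed: max bignum size in bytes */
#define MAX_DIGITS             1024   /* toy cap on a decimal bignum string */

enum key_type { KEY_UNSPEC = 0, KEY_RSA1 = 1 };

struct toy_rsa { char e[MAX_DIGITS]; char n[MAX_DIGITS]; };
struct toy_key { enum key_type type; unsigned bits; struct toy_rsa *rsa; };

/* Only an RSA1 key gets an rsa sub-object; any other type leaves it NULL
 * (assumed to be how the reported key object ended up with rsa == NULL). */
struct toy_key *toy_key_new(enum key_type type)
{
    struct toy_key *k = calloc(1, sizeof *k);
    if (k == NULL)
        return NULL;
    k->type = type;
    if (type == KEY_RSA1 && (k->rsa = calloc(1, sizeof *k->rsa)) == NULL) {
        free(k);
        return NULL;
    }
    return k;
}

void toy_key_free(struct toy_key *k)
{
    if (k != NULL) {
        free(k->rsa);
        free(k);
    }
}

/* Copy one decimal token from *cpp into dst and advance *cpp past it. */
static int read_decimal_bignum(const char **cpp, char *dst)
{
    const char *cp = *cpp;
    size_t len = 0;

    while (*cp == ' ' || *cp == '\t')
        cp++;
    while (isdigit((unsigned char)cp[len]))
        len++;
    if (len == 0 || len >= MAX_DIGITS)
        return SSH_ERR_INVALID_FORMAT;
    if (cp[len] != '\0' && !isspace((unsigned char)cp[len]))
        return SSH_ERR_INVALID_FORMAT;
    memcpy(dst, cp, len);
    dst[len] = '\0';
    *cpp = cp + len;
    return 0;
}

/* Parse "<bits> <e> <n>" into k, in the same order as the patched hunk. */
int toy_key_read_rsa1(struct toy_key *k, const char *line)
{
    const char *cp = line;
    char *ep;
    unsigned long bits;
    int r;

    errno = 0;
    bits = strtoul(cp, &ep, 10);
    if (ep == cp || errno != 0 ||
        bits == 0 || bits > (unsigned long)SSHBUF_MAX_BIGNUM * 8)
        return SSH_ERR_INVALID_FORMAT;          /* bad bit count */
    cp = ep;

    /* The patch's guard: without it, the next line dereferences k->rsa == NULL. */
    if (k->rsa == NULL)
        return SSH_ERR_INVALID_FORMAT;

    if ((r = read_decimal_bignum(&cp, k->rsa->e)) < 0)
        return r;
    if ((r = read_decimal_bignum(&cp, k->rsa->n)) < 0)
        return r;
    k->bits = (unsigned)bits;
    return 0;
}

/* Allocate a key of the given type, parse line into it, return the result code. */
int toy_parse_line(enum key_type type, const char *line)
{
    struct toy_key *k = toy_key_new(type);
    int r;

    if (k == NULL)
        return SSH_ERR_ALLOC_FAIL;
    r = toy_key_read_rsa1(k, line);
    toy_key_free(k);
    return r;
}

int main(void)
{
    const char *line = "1024 65537 1234567890 fuzz@example";  /* constructed */
    printf("KEY_RSA1  : %d\n", toy_parse_line(KEY_RSA1, line));
    printf("KEY_UNSPEC: %d\n", toy_parse_line(KEY_UNSPEC, line));
    return 0;
}
```

The KEY_UNSPEC case is the shape of the reported crash: the caller allocated a generic key object, the parser validated the bit count, and then reached for an RSA member that was never allocated. With the guard the parse fails with an error code the caller can report, which is what a fingerprint-on-upload service needs instead of a dead process. In the real sshkey.c the tokens go into OpenSSL BIGNUMs; the bounds check and the placement of the NULL check are what carry over.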