OpenSSH 9.3p2 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.3
========================

This release fixes a security bug.

Security
=======

Fix CVE-2023-38408 - a condition where specific libraries loaded via
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
code execution via a forwarded agent socket if the following
conditions are met:

 * Exploitation requires the presence of specific libraries on
   the victim system.
 * Remote exploitation requires that the agent was forwarded
   to an attacker-controlled system.

Exploitation can also be prevented by starting ssh-agent(1) with an
empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring
an allowlist that contains only specific provider libraries.

This vulnerability was discovered and demonstrated to be exploitable
by the Qualys Security Advisory team.

In addition to removing the main precondition for exploitation,
this release removes the ability for remote ssh-agent(1) clients
to load PKCS#11 modules by default (see below).

Potentially-incompatible changes
--------------------------------

 * ssh-agent(8): the agent will now refuse requests to load PKCS#11
   modules issued by remote clients by default. A flag has been added
   to restore the previous behaviour "-Oallow-remote-pkcs11".

   Note that ssh-agent(8) depends on the SSH client to identify
   requests that are remote. The OpenSSH >=8.9 ssh(1) client does
   this, but forwarding access to an agent socket using other tools
   may circumvent this restriction.
Checksums:
=========

 - SHA1 (openssh-9.3p2.tar.gz) = 219cf700c317f400bb20b001c0406056f7188ea4
 - SHA256 (openssh-9.3p2.tar.gz) = IA6+FH9ss/EB/QzfngJEKvfdyimN/9n0VoeOfMrGdug

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
==============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh at openssh.com
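The announcement publishes the SHA256 digest in base64 rather than the hex that sha256sum prints, and the published string omits the trailing base64 padding (43 characters instead of 44). The following is an added example, not part of the release announcement or of OpenSSH itself: it hashes a file with sha256sum (falling back to shasum), converts the hex digest to base64 using only printf and base64, and compares it to the announced value with padding ignored on both sides. The function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the OpenSSH announcement): verify a downloaded
# tarball against the base64-encoded SHA256 value used in OpenSSH release
# notes. Needs sha256sum (or shasum) and base64 from coreutils.

# sha256_hex FILE -> lowercase hex digest of FILE
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# hex_to_base64 HEX -> base64 of the raw bytes, without newline or '=' padding
# (the release notes print the digest without padding, so we strip it here too).
hex_to_base64() {
    hex=$1
    fmt=""
    while [ -n "$hex" ]; do
        rest=${hex#??}              # everything after the first two hex digits
        byte=${hex%"$rest"}         # the first two hex digits
        fmt="$fmt$(printf '\\%03o' "0x$byte")"   # build an octal printf escape
        hex=$rest
    done
    printf "$fmt" | base64 | tr -d '\n='
}

# verify_b64_sha256 FILE EXPECTED_B64 -> exit 0 if FILE's digest matches
verify_b64_sha256() {
    actual=$(hex_to_base64 "$(sha256_hex "$1")")
    expected=$(printf '%s' "$2" | tr -d '=')
    [ "$actual" = "$expected" ]
}

# Usage: sh verify.sh openssh-9.3p2.tar.gz IA6+FH9ss/EB/QzfngJEKvfdyimN/9n0VoeOfMrGdug
if [ "$#" -eq 2 ]; then
    if verify_b64_sha256 "$1" "$2"; then
        echo "OK: $1 matches the announced SHA256"
    else
        echo "MISMATCH: $1 does not match the announced SHA256" >&2
        exit 1
    fi
fi
```

The checksum only proves the download is the file the announcement describes; the release signature, made with the key at the RELEASE_KEY.asc URL above, is what ties that file to the project, so verify both.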
Dear Damien,

Could you please clarify which versions are vulnerable?

On Wed, Jul 19, 2023 at 7:38 PM Damien Miller <djm at cvs.openbsd.org> wrote:
> OpenSSH 9.3p2 has just been released. It will be available from the
> mirrors listed at https://www.openssh.com/ shortly.
> [...]
> Fix CVE-2023-38408 - a condition where specific libraries loaded via
> ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
> code execution via a forwarded agent socket if the following
> conditions are met:
>
>  * Exploitation requires the presence of specific libraries on
>    the victim system.
>  * Remote exploitation requires that the agent was forwarded
>    to an attacker-controlled system.
> [...]
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Dmitry Belyavskiy
Hey.

On Wed, 2023-07-19 at 08:40 -0600, Damien Miller wrote:
> via a forwarded agent socket if the following
> conditions are met:

I assume this also means that when:
ForwardAgent=no
respectively:
-a
is used, one is not vulnerable?

Thanks,
Chris.
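The announcement says remote exploitation requires the agent to have been forwarded, so the first thing an administrator wants to know is which ssh_config(5) Host blocks turn ForwardAgent on. The script below is an added example, not part of the thread or of OpenSSH: it reads an ssh_config file (or stdin), accepts both the "Keyword value" and "Keyword=value" spellings, and prints every Host or Match block whose first ForwardAgent setting is anything other than "no" (OpenSSH also accepts an explicit socket path or environment variable there). The sample configuration and the function names are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the thread or from OpenSSH): list Host/Match blocks
# in an ssh_config(5) file whose ForwardAgent setting enables agent forwarding.
# Reports each block's own setting; see the note below about precedence.

# forwarding_hosts [FILE] -> prints "<block header>: <value>" for each block
# whose first ForwardAgent value is not "no". Reads stdin when FILE is omitted.
forwarding_hosts() {
    awk '
        BEGIN { block = "(global)"; seen = 0 }
        /^[ \t]*#/ { next }                 # comment line
        /^[ \t]*$/ { next }                 # blank line
        {
            line = $0
            sub(/^[ \t]+/, "", line)        # drop indentation
            # ssh_config allows "Keyword=value"; normalise to "Keyword value"
            if (line ~ /^[A-Za-z]+[ \t]*=/) sub(/[ \t]*=[ \t]*/, " ", line)
            split(line, f, /[ \t]+/)
            key = tolower(f[1])
            if (key == "host" || key == "match") {
                block = line                # remember the block header
                seen = 0
                next
            }
            # ssh_config uses the first value obtained within a block
            if (key == "forwardagent" && !seen) {
                seen = 1
                if (tolower(f[2]) != "no") print block ": " f[2]
            }
        }
    ' "$@"
}

# sample_config -> a constructed ssh_config used for a stand-alone demonstration
sample_config() {
    cat <<'EOF'
# constructed sample, not a real configuration
Host bastion
    HostName bastion.example.com
    ForwardAgent yes

Host build-*
    ForwardAgent=no

Host legacy
    ForwardAgent $SSH_AUTH_SOCK

Host *
    ForwardAgent no
EOF
}

# Usage: sh audit.sh ~/.ssh/config /etc/ssh/ssh_config
if [ "$#" -gt 0 ]; then
    forwarding_hosts "$@"
fi
```

Because ssh_config applies the first value it obtains for a keyword, a block reported here may still be overridden by an earlier, more general setting in the same file; for the effective value on a given host, `ssh -G host | grep -i forwardagent` is the authoritative check.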
Hi Damien,

Can you please add a V_9_3_P2 tag?

Thanks,
Corinna

On Jul 19 08:40, Damien Miller wrote:
> OpenSSH 9.3p2 has just been released. It will be available from the
> mirrors listed at https://www.openssh.com/ shortly.
> [...]