Prefix truncation attack on BPP: By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. The vulnerable cipher modes are ChaCha20-Poly1305 (chacha20-poly1305) and Encrypt-then-MAC (-etm MAC algorithms).
Created age tracking bugs for this issue: Affects: fedora-all [bug 2255071] Created ansible-collection-ansible-netcommon tracking bugs for this issue: Affects: fedora-all [bug 2255055] Affects: openstack-rdo [bug 2255059] Created apptainer tracking bugs for this issue: Affects: epel-all [bug 2255062] Affects: fedora-all [bug 2255072] Created buildah tracking bugs for this issue: Affects: fedora-all [bug 2255073] Created caddy tracking bugs for this issue: Affects: epel-all [bug 2255063] Affects: fedora-all [bug 2255074] Created cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255075] Created cri-o:1.21/cri-o tracking bugs for this issue: Affects: epel-all [bug 2255064] Created cri-o:1.22/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255076] Created cri-o:1.23/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255077] Created cri-o:1.24/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255078] Created cri-o:1.25/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255080] Created cri-o:1.26/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255081] Created cri-o:1.27/cri-o tracking bugs for this issue: Affects: fedora-all [bug 2255082] Created docker-compose tracking bugs for this issue: Affects: fedora-all [bug 2255056] Created doctl tracking bugs for this issue: Affects: fedora-all [bug 2255083] Created dropbear tracking bugs for this issue: Affects: epel-all [bug 2255041] Affects: fedora-all [bug 2255042] Created duplicity tracking bugs for this issue: Affects: fedora-all [bug 2255057] Created gh tracking bugs for this issue: Affects: fedora-all [bug 2255084] Created golang-github-cloudflare-cfssl tracking bugs for this issue: Affects: fedora-all [bug 2255085] Created golang-github-cloudflare-redoctober tracking bugs for this issue: Affects: fedora-all [bug 2255086] Created golang-github-facebookincubator-go2chef tracking bugs for this issue: Affects: fedora-all [bug 2255087] Created golang-github-francoispqt-gojay tracking bugs for this issue: Affects: fedora-all [bug 2255089] Created golang-github-git-5 tracking bugs for this issue: Affects: fedora-all [bug 2255090] Created golang-github-hashicorp-hc-install tracking bugs for this issue: Affects: fedora-all [bug 2255091] Created golang-github-in-toto tracking bugs for this issue: Affects: fedora-all [bug 2255092] Created golang-github-moby-buildkit tracking bugs for this issue: Affects: fedora-all [bug 2255093] Created golang-github-theoapp-theo-agent tracking bugs for this issue: Affects: fedora-all [bug 2255094] Created golang-googlecode-go-crypto tracking bugs for this issue: Affects: epel-all [bug 2255065] Created golang-x-crypto tracking bugs for this issue: Affects: epel-all [bug 2255066] Affects: fedora-all [bug 2255095] Created gomtree tracking bugs for this issue: Affects: fedora-all [bug 2255096] Created gopass tracking bugs for this issue: Affects: fedora-all [bug 2255097] Created gopass-hibp tracking bugs for this issue: Affects: fedora-all [bug 2255098] Created gopass-jsonapi tracking bugs for this issue: Affects: fedora-all [bug 2255099] Created gvisor-tap-vsock tracking bugs for this issue: Affects: fedora-all [bug 2255100] Created libssh tracking bugs for this issue: Affects: epel-all [bug 2255045] Affects: fedora-all [bug 2255047] Created libssh2 tracking bugs for this issue: Affects: epel-all [bug 2255046] Affects: fedora-all [bug 2255048] Created mingw-libssh2 tracking bugs for this issue: Affects: fedora-all [bug 2255049] Created nebula tracking bugs for this issue: Affects: fedora-all [bug 2255101] Created pack tracking bugs for this issue: Affects: epel-all [bug 2255067] Affects: fedora-all [bug 2255102] Created podman tracking bugs for this issue: Affects: fedora-all [bug 2255103] Created podman-tui tracking bugs for this issue: Affects: fedora-all [bug 2255104] Created proftpd tracking bugs for this issue: Affects: epel-all [bug 2255052] Affects: fedora-all [bug 2255053] Created prometheus-podman-exporter tracking bugs for this issue: Affects: fedora-all [bug 2255105] Created putty tracking bugs for this issue: Affects: epel-all [bug 2255050] Affects: fedora-all [bug 2255051] Created python-asyncssh tracking bugs for this issue: Affects: epel-all [bug 2255043] Affects: fedora-all [bug 2255044] Created python-docker tracking bugs for this issue: Affects: epel-all [bug 2255054] Affects: openstack-rdo [bug 2255060] Created python-network-runner tracking bugs for this issue: Affects: fedora-all [bug 2255058] Affects: openstack-rdo [bug 2255061] Created rclone tracking bugs for this issue: Affects: epel-all [bug 2255068] Affects: fedora-all [bug 2255106] Created restic tracking bugs for this issue: Affects: epel-all [bug 2255069] Affects: fedora-all [bug 2255107] Created singularity-ce tracking bugs for this issue: Affects: epel-all [bug 2255070] Affects: fedora-all [bug 2255108] Created vagrant tracking bugs for this issue: Affects: fedora-all [bug 2255109]
Created openssh tracking bugs for this issue: Affects: fedora-all [bug 2255125]
Mitigation: You can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9: 1. chacha20-poly1305 2. hmac-sha2-512-etm 3. hmac-sha2-256-etm 4. hmac-sha1-etm 5. hmac-md5-etm To do that through crypto-policies, one can apply a subpolicy with the following content: ``` cipher@SSH = -CHACHA20-POLY1305 ssh_etm = 0 ``` e.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server. One can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`. For more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening Note that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.
(In reply to Sandipan Roy from comment #7) > Created vagrant tracking bugs for this issue: > > Affects: fedora-all [bug 2255109] @saroy Would you mind elaborate how Vagrant got on the list? I think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable? Should the ciphers be disabled there? Is the upstream aware? This report unfortunately does not provide too much information.
In reply to comment #12: > (In reply to Sandipan Roy from comment #7) > > Created vagrant tracking bugs for this issue: > > > > Affects: fedora-all [bug 2255109] > > @saroy Would you mind elaborate how Vagrant got on the list? I > think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable? > Should the ciphers be disabled there? Is the upstream aware? > > This report unfortunately does not provide too much information. vagrant is listed becuase of this below golang dependency: $ depcli -svv golang.org/x/crypto/ssh -e golang | grep vagrant fedora-39 vagrant-2.3.4-3.fc39 (golang.org/x/crypto/ssh.0-20201002170205-7f63de1d35b0, golang)
(In reply to Sandipan Roy from comment #13) > In reply to comment #12: > > (In reply to Sandipan Roy from comment #7) > > > Created vagrant tracking bugs for this issue: > > > > > > Affects: fedora-all [bug 2255109] > > > > @saroy Would you mind elaborate how Vagrant got on the list? I > > think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable? > > Should the ciphers be disabled there? Is the upstream aware? > > > > This report unfortunately does not provide too much information. > > vagrant is listed becuase of this below golang dependency: > > $ depcli -svv golang.org/x/crypto/ssh -e golang | grep vagrant > fedora-39 vagrant-2.3.4-3.fc39 > (golang.org/x/crypto/ssh.0-20201002170205-7f63de1d35b0, golang) Thx for elaborating. Is it possible to provide this level of detail in the future? As you can see, something like this never came to my mind.
Looking for a mitigation for RHEL 7, does this appear to be correct? /etc/ssh/ssh_config: ``` Ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160,umac-64,umac-128 ``` /etc/ssh/sshd_config: ``` Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc MACs umac-64,umac-128,hmac-sha2-256,hmac-sha2-512,hmac-sha1 ``` ...or basically to remove the chacha cipher and etm macs from both configs. To get a list of the current ciphers and macs: ``` ssh -Q cipher ssh -Q mac sshd -T | grep -e '^ciphers ' -e '^macs ' ```
Created erlang tracking bugs for this issue: Affects: epel-all [bug 2255862] Affects: fedora-all [bug 2255863]
Created python-paramiko tracking bugs for this issue: Affects: epel-all [bug 2255907] Affects: fedora-all [bug 2255908] Affects: openstack-rdo [bug 2255912]
Hello Peter You did remove chacha cipher and etm macs, but the ciphers you referred continue to use weak ciphers like CBC, which will continue report cbc related vulnerabilities. To mitigate the CVE-2023-48795 and avoid other vulnerabilities to be reported, we can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config. Below strict set of Ciphers and MACs can be used as mitigation for RHEL 7. ``` Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm MACs umac-64,umac-128,hmac-sha2-256,hmac-sha2-512 ``` OR Remove the chacha cipher and etm macs from both config options which are currently configured. ``` ssh -Q cipher ssh -Q mac sshd -T | grep -e '^ciphers ' -e '^macs ' ``` Regards Ravindra
FEDORA-EPEL-2024-b45b6eada5 has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0455 https://access.redhat.com/errata/RHSA-2024:0455
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0429 https://access.redhat.com/errata/RHSA-2024:0429
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0499 https://access.redhat.com/errata/RHSA-2024:0499
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0538 https://access.redhat.com/errata/RHSA-2024:0538
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0594 https://access.redhat.com/errata/RHSA-2024:0594
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0606 https://access.redhat.com/errata/RHSA-2024:0606
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0625 https://access.redhat.com/errata/RHSA-2024:0625
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0628 https://access.redhat.com/errata/RHSA-2024:0628
Giving the timing, the problem report here may indicate there's an issue with the RHEL8 fix - https://superuser.com/questions/1828501/how-to-solve-ssh-connection-corrupted-error - or it could be unrelated. Just a heads up.
There is a known issue with this version : https://github.com/oracle/oracle-linux/issues/125 and Oracle has pulled back this patch for now from their repos. So running below will restore access. sudo dnf downgrade openssh-server sudo dnf clean all This will update the packages openssh , openssh-clients , openssh-server back to openssh-server-8.0p1-19.el8_8.x86_64 from current openssh-server-8.0p1-19.el8_8.x86_64
This issue has been addressed in the following products: Red Hat build of Quarkus 3.2.10 Via RHSA-2024:0722 https://access.redhat.com/errata/RHSA-2024:0722
This issue has been addressed in the following products: RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2) Via RHSA-2024:0789 https://access.redhat.com/errata/RHSA-2024:0789
This issue has been addressed in the following products: RHOSS-1.31-RHEL-8 Via RHSA-2024:0843 https://access.redhat.com/errata/RHSA-2024:0843
This issue has been addressed in the following products: Openshift Serverless 1 on RHEL 8 Via RHSA-2024:0880 https://access.redhat.com/errata/RHSA-2024:0880
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:0954 https://access.redhat.com/errata/RHSA-2024:0954
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7197 https://access.redhat.com/errata/RHSA-2023:7197
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7198 https://access.redhat.com/errata/RHSA-2023:7198
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7201 https://access.redhat.com/errata/RHSA-2023:7201
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:0766 https://access.redhat.com/errata/RHSA-2024:0766
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:1130 https://access.redhat.com/errata/RHSA-2024:1130
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:1150 https://access.redhat.com/errata/RHSA-2024:1150
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 Via RHSA-2024:1193 https://access.redhat.com/errata/RHSA-2024:1193
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 Via RHSA-2024:1192 https://access.redhat.com/errata/RHSA-2024:1192
This issue has been addressed in the following products: EAP 8.0.1 Via RHSA-2024:1194 https://access.redhat.com/errata/RHSA-2024:1194
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2024:1197 https://access.redhat.com/errata/RHSA-2024:1197
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 Via RHSA-2024:1196 https://access.redhat.com/errata/RHSA-2024:1196
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1210 https://access.redhat.com/errata/RHSA-2024:1210
Hello, Are there plans to backport the fix to Red Hat OpenShift Container Platform 4.10 and Red Hat OpenShift Container Platform 4.12 ? Cory Oldford
This issue has been addressed in the following products: OPENSHIFT-BUILDS-1.0-RHEL-8 Via RHSA-2024:1557 https://access.redhat.com/errata/RHSA-2024:1557
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 Via RHSA-2024:1676 https://access.redhat.com/errata/RHSA-2024:1676
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Via RHSA-2024:1675 https://access.redhat.com/errata/RHSA-2024:1675
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Via RHSA-2024:1674 https://access.redhat.com/errata/RHSA-2024:1674
This issue has been addressed in the following products: EAP 7.4.16 Via RHSA-2024:1677 https://access.redhat.com/errata/RHSA-2024:1677
This issue has been addressed in the following products: OADP-1.3-RHEL-9 Via RHSA-2024:1859 https://access.redhat.com/errata/RHSA-2024:1859
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:2988 https://access.redhat.com/errata/RHSA-2024:2988
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 9 Via RHSA-2024:2735 https://access.redhat.com/errata/RHSA-2024:2735
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 8 Via RHSA-2024:2768 https://access.redhat.com/errata/RHSA-2024:2768
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 9 Via RHSA-2024:2728 https://access.redhat.com/errata/RHSA-2024:2728
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2024:3479 https://access.redhat.com/errata/RHSA-2024:3479
This issue has been addressed in the following products: OCP-Tools-4.13-RHEL-8 Via RHSA-2024:3636 https://access.redhat.com/errata/RHSA-2024:3636
This issue has been addressed in the following products: OCP-Tools-4.14-RHEL-8 Via RHSA-2024:3634 https://access.redhat.com/errata/RHSA-2024:3634
This issue has been addressed in the following products: OCP-Tools-4.12-RHEL-8 Via RHSA-2024:3635 https://access.redhat.com/errata/RHSA-2024:3635
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:3918 https://access.redhat.com/errata/RHSA-2024:3918
Hi Team - I spun up an ARO cluster version 4.15.17 and see that this chacha20-poly1305 is still being seen. As per https://access.redhat.com/errata/RHSA-2024:3918 and https://access.redhat.com/errata/RHSA-2023:7198 should have mitigated the cipher. Please advise. ➜ ~ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.15.17 True False 11m Cluster version is 4.15.17 ➜ ~ oc get nodes NAME STATUS ROLES AGE VERSION rodtestcluster-vlwj6-worker-westeurope1-w86dv Ready worker 3h18m v1.28.10+a2c84a5 ➜ ~ oc debug node/rodtestcluster-vlwj6-worker-westeurope1-w86dv Starting pod/rodtestcluster-vlwj6-worker-westeurope1-w86dv-debug ... To use host binaries, run `chroot /host` Pod IP: 10.0.2.5 If you don't see a command prompt, try pressing enter. sh-4.4# chroot /host sh-5.1# sshd -T|grep -i cipher main: sshd: ssh-rsa algorithm is disabled ciphers aes256-gcm,chacha20-poly1305,aes256-ctr,aes128-gcm,aes128-ctr
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:4010 https://access.redhat.com/errata/RHSA-2024:4010
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.16 Via RHSA-2024:0040 https://access.redhat.com/errata/RHSA-2024:0040
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.16 Via RHSA-2024:0041 https://access.redhat.com/errata/RHSA-2024:0041
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:4151 https://access.redhat.com/errata/RHSA-2024:4151
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:4329 https://access.redhat.com/errata/RHSA-2024:4329
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:4479 https://access.redhat.com/errata/RHSA-2024:4479
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:4484 https://access.redhat.com/errata/RHSA-2024:4484
This issue has been addressed in the following products: OCP-Tools-4.15-RHEL-8 Via RHSA-2024:4597 https://access.redhat.com/errata/RHSA-2024:4597
This issue has been addressed in the following products: RHEL-9-CNV-4.15 Via RHSA-2024:4662 https://access.redhat.com/errata/RHSA-2024:4662
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.16 Via RHSA-2024:4613 https://access.redhat.com/errata/RHSA-2024:4613
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:4955 https://access.redhat.com/errata/RHSA-2024:4955
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:4959 https://access.redhat.com/errata/RHSA-2024:4959
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:4960 https://access.redhat.com/errata/RHSA-2024:4960
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:5200 https://access.redhat.com/errata/RHSA-2024:5200
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:5438 https://access.redhat.com/errata/RHSA-2024:5438
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:5432 https://access.redhat.com/errata/RHSA-2024:5432
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:5433 https://access.redhat.com/errata/RHSA-2024:5433
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:6406 https://access.redhat.com/errata/RHSA-2024:6406
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.17 Via RHSA-2024:3718 https://access.redhat.com/errata/RHSA-2024:3718
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:8235 https://access.redhat.com/errata/RHSA-2024:8235