Source: dropbear
Version: 2022.83-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for dropbear.

CVE-2023-48795[0]:
| The SSH transport protocol with certain OpenSSH extensions, found in
| OpenSSH before 9.6 and other products, allows remote attackers to
| bypass integrity checks such that some packets are omitted (from the
| extension negotiation message), and a client and server may
| consequently end up with a connection for which some security
| features have been downgraded or disabled, aka a Terrapin attack.
| This occurs because the SSH Binary Packet Protocol (BPP),
| implemented by these extensions, mishandles the handshake phase and
| mishandles use of sequence numbers. For example, there is an
| effective attack against SSH's use of ChaCha20-Poly1305 (and CBC
| with Encrypt-then-MAC). The bypass occurs in
| chacha20-poly1...@openssh.com and (if CBC is used) the
| -e...@openssh.com MAC algorithms. This also affects Maverick Synergy
| Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh
| before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before
| 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, and
| libssh2 through 1.11.0; and there could be effects on Bitvise SSH
| through 9.31.

Dropbear commit [1] implements the Strict KEX mode as well. In my
understanding of [2] the issue might be less of a security concern for
Dropbear itself, not reducing the Dropbear security.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-48795
    https://www.cve.org/CVERecord?id=CVE-2023-48795
[1] https://github.com/mkj/dropbear/commit/6e43be5c7b99dbee49dc72b6f989f29fdd7e9356
[2] https://github.com/mkj/dropbear/commit/66bc1fcdee594c6cb1139df0ef8a6c9c5fc3fde3

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore