Andreas Schneider of Red Hat reports: Due to a byte/bit confusion, the DH secret was too short. This file was completely reworked and will be commited in a future version. This issue may be worked around by using other key exchange methods, such as curve25519-sha256 or ecdh-sha2-nistp256, both are not vulnerable. By default, an unpatched libssh implementation will already attempt to use these two more secure methods when supported by the other party.
Created attachment 1122470 [details] libssh-CVE-2016-0739.patch
The embargo is currently set for Feb 23rd, 2016 14:00 CET.
Created attachment 1128493 [details] CVE-2016-0739 advisory text
Created attachment 1129246 [details] Patch The same patch as attached in comment 1, but with correct white spaces / indent.
Tomas, thanks. That patch applies well.
I'm unsure how one would verify that the patch applied, but I see this in the build log: + echo 'Patch #1 (libssh-CVE-2016-0739.patch):' Patch #1 (libssh-CVE-2016-0739.patch): + /usr/bin/cat /builddir/build/SOURCES/libssh-CVE-2016-0739.patch + /usr/bin/patch -p1 --fuzz=0 patching file src/dh.c And I have checked that the patch file starts with: From dc2eaa017fe77e53bd9f1d4327a480d9bfe6cc6a Mon Sep 17 00:00:00 2001 From: Aris Adamantiadis <aris> Date: Tue, 9 Feb 2016 15:09:27 +0100 Subject: [PATCH] dh: fix CVE-2016-0739 Due to a byte/bit confusion, the DH secret was too short. This file was completely reworked and will be commited in a future version. ---
The only way to verify this, is to build libssh with: cmake -DWITH_DEBUG_CRYPTO=ON Then do a rsa connection using the libssh example client ./examples/samplessh. It will print x (the random secret bignum) on the command line.
Fixed upstream in version 0.7.3: https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/
Created libssh tracking bugs for this issue: Affects: fedora-all [bug 1311259] Affects: epel-all [bug 1311260]
External Reference: https://www.libssh.org/security/advisories/CVE-2016-0739.txt
Upstream commit: https://git.libssh.org/projects/libssh.git/commit/?id=4e6ff36a9a3aef72aa214f6fb267c28953b80060
Created libssh tracking bugs for this issue: Affects: fedora-all [bug 1311276] Affects: epel-all [bug 1311277]
Acknowledgments: Name: Aris Adamantiadis
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extras Via RHSA-2016:0566 https://rhn.redhat.com/errata/RHSA-2016-0566.html