Bug 1384566 - Memory leak in KEXINIT resulting in a DoS situation
Summary: Memory leak in KEXINIT resulting in a DoS situation
Keywords:
Status: CLOSED DUPLICATE of bug 1384860
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openssh
Version: 7.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Jelen
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-10-13 14:45 UTC by thibaut.pouzet
Modified: 2016-10-17 07:42 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-10-17 07:42:14 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description thibaut.pouzet 2016-10-13 14:45:10 UTC
Description of problem:

There has been a patch made upstream for a DoS issue within openssh-server
https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad#diff-cc9e833353f4432391cb4c8463c0a2be
Comment of the commit : 
Unregister the KEXINIT handler after message has been received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause allocation of up to 128MB -- until the connection is closed. Reported by shilei-c at 360.cn

I cannot find any information inside RedHat's bugzilla about the status of RHEL on this topic.

Version-Release number of selected component (if applicable):

Unknown

How reproducible:

Unknown

Additional info:

Comment 2 Jakub Jelen 2016-10-17 07:42:14 UTC

*** This bug has been marked as a duplicate of bug 1384860 ***


Note You need to log in before you can comment on or make changes to this bug.