Bug 2064702 (CVE-2022-27191) - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
Summary: CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-27191
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2068514 2071561 2071562 2071563 2074248 2074249 2074250 2068511 2068512 2068513 2068515 2068516 2073276 2073280 2073281 2073282 2073283 2073284 2073292 2074251 2074252 2074253 2074254 2074255 2074256 2074257 2074258 2074259 2074260 2074261 2074262 2074263 2074264 2074265 2074266 2074267 2074268 2074272 2074273 2074274 2074275 2074276 2074277 2074278 2074279 2074280 2074281 2074282 2074283 2074284 2074285 2074286 2074287 2074288 2074289 2074290 2074291 2074292 2074293 2074294 2074295 2074296 2074297 2074298 2074299 2075237 2075238 2075239 2075240 2075241 2075243 2075244 2075245 2075246 2075247 2075248 2075249 2075250
Blocks: 2064715
Reported: 2022-03-16 11:41 UTC by TEJ RATHI
Modified: 2023-10-17 11:28 UTC (History)

Fixed In Version: golang.org/x/crypto/ssh v0.0.0-20220315160706-3147a52a75
Doc Type: If docs needed, set a value
Doc Text:
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.
Clone Of:
Environment:
Last Closed: 2023-01-31 15:25:32 UTC
Embargoed:
Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2022:1476 | 0 | None | None | None | 2022-04-20 23:46:42 UTC
Red Hat Product Errata | RHSA-2022:4956 | 0 | None | None | None | 2022-06-09 02:06:47 UTC
Red Hat Product Errata | RHSA-2022:5068 | 0 | None | None | None | 2022-08-10 10:09:11 UTC
Red Hat Product Errata | RHSA-2022:5069 | 0 | None | None | None | 2022-08-10 10:34:36 UTC
Red Hat Product Errata | RHSA-2022:6347 | 0 | None | None | None | 2022-09-06 12:58:21 UTC
Red Hat Product Errata | RHSA-2022:6526 | 0 | None | None | None | 2022-09-14 19:27:50 UTC
Red Hat Product Errata | RHSA-2022:6527 | 0 | None | None | None | 2022-09-14 16:36:41 UTC
Red Hat Product Errata | RHSA-2022:7401 | 0 | None | None | None | 2023-01-17 19:35:37 UTC
Red Hat Product Errata | RHSA-2022:7457 | 0 | None | None | None | 2022-11-08 09:11:49 UTC
Red Hat Product Errata | RHSA-2022:7469 | 0 | None | None | None | 2022-11-08 09:13:31 UTC
Red Hat Product Errata | RHSA-2022:7954 | 0 | None | None | None | 2022-11-15 09:48:01 UTC
Red Hat Product Errata | RHSA-2022:8008 | 0 | None | None | None | 2022-11-15 09:57:33 UTC
Red Hat Product Errata | RHSA-2022:8634 | 0 | None | None | None | 2022-11-28 02:51:43 UTC
Red Hat Product Errata | RHSA-2022:8893 | 0 | None | None | None | 2022-12-15 21:33:20 UTC
Red Hat Product Errata | RHSA-2022:8932 | 0 | None | None | None | 2022-12-12 18:04:57 UTC
Red Hat Product Errata | RHSA-2022:8938 | 0 | None | None | None | 2022-12-13 02:11:40 UTC
Red Hat Product Errata | RHSA-2022:9096 | 0 | None | None | None | 2023-01-30 05:48:19 UTC
Red Hat Product Errata | RHSA-2022:9107 | 0 | None | None | None | 2023-01-04 06:46:16 UTC
Red Hat Product Errata | RHSA-2023:1326 | 0 | None | None | None | 2023-05-17 22:32:01 UTC
Red Hat Product Errata | RHSA-2023:3366 | 0 | None | None | None | 2023-06-07 02:02:29 UTC
Red Hat Product Errata | RHSA-2023:3943 | 0 | None | None | None | 2023-06-29 14:32:36 UTC
Red Hat Product Errata | RHSA-2023:4488 | 0 | None | None | None | 2023-08-07 00:27:42 UTC

Description TEJ RATHI 2022-03-16 11:41:19 UTC
A potential crash in a golang.org/x/crypto/ssh server under these conditions:

• The server has been configured by passing a Signer to ServerConfig.AddHostKey.
• The Signer passed to AddHostKey does not also implement AlgorithmSigner.
• The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.

Comment 8 Anten Skrabec 2022-04-11 21:37:19 UTC
Created buildah tracking bugs for this issue:
Affects: fedora-all [bug 2074252]

Created caddy tracking bugs for this issue:
Affects: fedora-all [bug 2074253]

Created cri-o:1.22/cri-o tracking bugs for this issue:
Affects: fedora-all [bug 2074254]

Created cri-o:nightly/cri-o tracking bugs for this issue:
Affects: fedora-all [bug 2074255]

Created doctl tracking bugs for this issue:
Affects: fedora-all [bug 2074256]

Created golang-github-francoispqt-gojay tracking bugs for this issue:
Affects: fedora-all [bug 2074257]

Created golang-github-hashicorp-consul-api tracking bugs for this issue:
Affects: fedora-all [bug 2074258]

Created golang-github-hashicorp-consul-sdk tracking bugs for this issue:
Affects: fedora-all [bug 2074259]

Created golang-github-moby-buildkit tracking bugs for this issue:
Affects: fedora-all [bug 2074260]

Created golang-github-protonmail-crypto tracking bugs for this issue:
Affects: fedora-all [bug 2074261]

Created golang-googlecode-go-crypto tracking bugs for this issue:
Affects: epel-all [bug 2074248]

Created golang-x-crypto tracking bugs for this issue:
Affects: epel-all [bug 2074249]
Affects: fedora-all [bug 2074262]

Created gomtree tracking bugs for this issue:
Affects: fedora-all [bug 2074263]

Created mantle tracking bugs for this issue:
Affects: fedora-all [bug 2074264]

Created origin tracking bugs for this issue:
Affects: fedora-all [bug 2074265]

Created pack tracking bugs for this issue:
Affects: fedora-all [bug 2074266]

Created podman tracking bugs for this issue:
Affects: fedora-all [bug 2074267]

Created rclone tracking bugs for this issue:
Affects: epel-all [bug 2074250]

Created restic tracking bugs for this issue:
Affects: epel-all [bug 2074251]

Created vultr tracking bugs for this issue:
Affects: fedora-all [bug 2074268]

Comment 15 errata-xmlrpc 2022-04-20 23:46:37 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8

Via RHSA-2022:1476 https://access.redhat.com/errata/RHSA-2022:1476

Comment 16 Peter Hunt 2022-05-17 15:48:01 UTC
NPD doesn't use this package, only the terminal package within crypto/ssh

Comment 17 Peter Hunt 2022-05-17 15:49:59 UTC
As is evidenced by my referencing NPD, I closed the wrong bug, sorry for the noise.

Comment 18 errata-xmlrpc 2022-06-09 02:06:41 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8

Via RHSA-2022:4956 https://access.redhat.com/errata/RHSA-2022:4956

Comment 25 errata-xmlrpc 2022-08-10 10:09:07 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11
  Ironic content for Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:5068 https://access.redhat.com/errata/RHSA-2022:5068

Comment 26 errata-xmlrpc 2022-08-10 10:34:33 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:5069 https://access.redhat.com/errata/RHSA-2022:5069

Comment 27 errata-xmlrpc 2022-09-06 12:58:16 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8

Via RHSA-2022:6347 https://access.redhat.com/errata/RHSA-2022:6347

Comment 28 errata-xmlrpc 2022-09-14 16:36:36 UTC
This issue has been addressed in the following products:

  RHEL-7-CNV-4.11
  RHEL-8-CNV-4.11

Via RHSA-2022:6527 https://access.redhat.com/errata/RHSA-2022:6527

Comment 29 errata-xmlrpc 2022-09-14 19:27:45 UTC
This issue has been addressed in the following products:

  RHEL-8-CNV-4.11

Via RHSA-2022:6526 https://access.redhat.com/errata/RHSA-2022:6526

Comment 32 errata-xmlrpc 2022-11-08 09:11:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:7457 https://access.redhat.com/errata/RHSA-2022:7457

Comment 33 errata-xmlrpc 2022-11-08 09:13:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:7469 https://access.redhat.com/errata/RHSA-2022:7469

Comment 34 errata-xmlrpc 2022-11-15 09:47:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:7954 https://access.redhat.com/errata/RHSA-2022:7954

Comment 35 errata-xmlrpc 2022-11-15 09:57:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:8008 https://access.redhat.com/errata/RHSA-2022:8008

Comment 36 errata-xmlrpc 2022-11-28 02:51:39 UTC
This issue has been addressed in the following products:

  OADP-1.1-RHEL-8

Via RHSA-2022:8634 https://access.redhat.com/errata/RHSA-2022:8634

Comment 38 errata-xmlrpc 2022-12-12 18:04:54 UTC
This issue has been addressed in the following products:

  Openshift Serverless 1 on RHEL 8

Via RHSA-2022:8932 https://access.redhat.com/errata/RHSA-2022:8932

Comment 39 errata-xmlrpc 2022-12-13 02:11:37 UTC
This issue has been addressed in the following products:

  RHOSS-1.26-RHEL-8

Via RHSA-2022:8938 https://access.redhat.com/errata/RHSA-2022:8938

Comment 41 errata-xmlrpc 2022-12-15 21:33:16 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:8893 https://access.redhat.com/errata/RHSA-2022:8893

Comment 48 errata-xmlrpc 2023-01-04 06:46:13 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:9107 https://access.redhat.com/errata/RHSA-2022:9107

Comment 51 errata-xmlrpc 2023-01-17 19:35:33 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2022:7401 https://access.redhat.com/errata/RHSA-2022:7401

Comment 52 errata-xmlrpc 2023-01-30 05:48:16 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2022:9096 https://access.redhat.com/errata/RHSA-2022:9096

Comment 53 Product Security DevOps Team 2023-01-31 15:25:26 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-27191

Comment 55 errata-xmlrpc 2023-05-17 22:31:58 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2023:1326 https://access.redhat.com/errata/RHSA-2023:1326

Comment 56 errata-xmlrpc 2023-06-07 02:02:24 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2023:3366 https://access.redhat.com/errata/RHSA-2023:3366

Comment 57 errata-xmlrpc 2023-06-29 14:32:32 UTC
This issue has been addressed in the following products:

  RHACS-4.1-RHEL-8

Via RHSA-2023:3943 https://access.redhat.com/errata/RHSA-2023:3943

Comment 61 errata-xmlrpc 2023-08-07 00:27:38 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2023:4488 https://access.redhat.com/errata/RHSA-2023:4488
