The following security issue has been discovered in putty < 0.71: * a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification * potential recycling of random numbers used in cryptography * on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding * multiple denial-of-service attacks that can be triggered by writing to the terminal * Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels Reference: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html Upstream commit: https://build.opensuse.org/request/show/685782
External References: https://www.chiark.greenend.org.uk/~sgtatham/putty/releases/0.71.html
Created putty tracking bugs for this issue: Affects: fedora-all [bug 1690385]
Created putty tracking bugs for this issue: Affects: epel-all [bug 1690386]
Updated flaw with CVEs: CVE-2019-9894: A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. CVE-2019-9895: In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. CVE-2019-9898: Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. CVE-2019-9897: Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.