Bug 1852930 (CVE-2020-14145) - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation
Summary: CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak...
Keywords:
Status: NEW
Alias: CVE-2020-14145
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1852931
Blocks: 1852932
TreeView+ depends on / blocked
 
Reported: 2020-07-01 15:34 UTC by Michael Kaplan
Modified: 2020-07-08 04:36 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Michael Kaplan 2020-07-01 15:34:33 UTC
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).

References:

https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/

Comment 1 Michael Kaplan 2020-07-01 15:34:51 UTC
Created openssh tracking bugs for this issue:

Affects: fedora-all [bug 1852931]

Comment 5 Huzaifa S. Sidhpurwala 2020-07-08 04:33:42 UTC
Statement:

This attack is only feasible when connecting to a malicious man-in-the-middle SSH servers, whose host keys have not been verified by the ssh client side users. The attacker can only detect if the client is using a host key from its key store or new host key has been presented to it. Therefore does not present a real world attack scenario.

Comment 6 Huzaifa S. Sidhpurwala 2020-07-08 04:33:46 UTC
Mitigation:

Always connect to SSH servers with verified host keys to avoid any possibilities of man-in-the-middle attack.


Note You need to log in before you can comment on or make changes to this bug.