Bug 1852930 (CVE-2020-14145) - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation
Summary: CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak...
Status: NEW
Alias: CVE-2020-14145
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1852931
Blocks: 1852932
TreeView+ depends on / blocked
Reported: 2020-07-01 15:34 UTC by Michael Kaplan
Modified: 2020-07-08 04:36 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:

Attachments (Terms of Use)

Description Michael Kaplan 2020-07-01 15:34:33 UTC
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).



Comment 1 Michael Kaplan 2020-07-01 15:34:51 UTC
Created openssh tracking bugs for this issue:

Affects: fedora-all [bug 1852931]

Comment 5 Huzaifa S. Sidhpurwala 2020-07-08 04:33:42 UTC

This attack is only feasible when connecting to a malicious man-in-the-middle SSH servers, whose host keys have not been verified by the ssh client side users. The attacker can only detect if the client is using a host key from its key store or new host key has been presented to it. Therefore does not present a real world attack scenario.

Comment 6 Huzaifa S. Sidhpurwala 2020-07-08 04:33:46 UTC

Always connect to SSH servers with verified host keys to avoid any possibilities of man-in-the-middle attack.

Note You need to log in before you can comment on or make changes to this bug.