Red Hat Security Advisory 2024-1196-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
2130fbf5d26dc7b366b1c67d35c9f3e8d8f200259ffbb0a2f00c34674ea9fced
Red Hat Security Advisory 2024-1150-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
3b380d599f1e214465c02c27a990fbb02861e6c1f243873037b7a30d987161db
Red Hat Security Advisory 2024-1130-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
81ece00c1a0fa3af166446b3fac05f48fad824008e773bbee6b4296a6a0afd61
Red Hat Security Advisory 2024-0628-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.
de5da48873b00d46c511d533b4f5ac800ab7c91ac818c4e2584b7899e8b81213
Red Hat Security Advisory 2024-0625-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
018cd548988820355474e81032b83f08e31c531ea5f9991fcba5c157634915d3
Red Hat Security Advisory 2024-0606-03 - An update for openssh is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
0d25beb100b05b6a8c8a5fdfee0301113431217df46c78cc1f31d355bbf50f2d
Red Hat Security Advisory 2024-0594-03 - An update for openssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
894b0a37963313f96fa44fafb400227dc9fa3a99cc7f03e42ca81113473a1362
Red Hat Security Advisory 2024-0499-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
ca24d6289d8a982597d3f2514213879395c4b7716d3efba7cb69afbfd9cf5fe7
Red Hat Security Advisory 2024-0455-03 - An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.
c5e3227243298a1e3bb59ac48643d3fe6e16b93315e9aa5aff8cb788c2e02d3e
Red Hat Security Advisory 2024-0429-03 - An update for openssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a code execution vulnerability.
7090a47affc80a0a7550d6e1832cd509f48348953e2a1b4351764fa4597c0803
Ubuntu Security Notice 6598-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
dd8a1a95b3a16c6fe45623db4f26f252a81bb8e5b368cdbaffd76de031b0e0fd
Ubuntu Security Notice 6589-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.
8518668a4badaa795ff43751102221732a1799bf651302c95ea7ee967ec088d0
Ubuntu Security Notice 6585-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
d368df4c0d357987893502f341336db0f44b79a83468cb12d62846d219bc5e7b
Debian Linux Security Advisory 5601-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
74939800a29d48ded37e9813459aa6b29068a867d2c407034d466d7a7bb36ee5
Debian Linux Security Advisory 5600-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
8cfe6e2a5aa62ff4c70ee28350070f1ea5a4506b8305130470d356424e8fe7c6
Debian Linux Security Advisory 5599-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
a0c9e4b89d0e004e7f26020948eef0d8e208379ab02cce69468a0e02ce7ea9b2
Ubuntu Security Notice 6560-2 - USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
279f23efe6b36684994928a454f01081c5330f4103d3e9a111b6c5ff07c9a1f6
Debian Linux Security Advisory 5591-1 - Several vulnerabilities were discovered in libssh, a tiny C SSH library.
f815049b2837197686b4875cddb418f75a8e54d47afc59fdafc4741b2b0cb015
Gentoo Linux Security Advisory 202312-16 - Multiple vulnerabilities have been discovered in libssh, the worst of which could lead to code execution. Versions greater than or equal to 0.10.6 are affected.
475da9d4074fee95dd103c9e4072c2a5bae6c16622c02660f94da00f23ad5f16
Gentoo Linux Security Advisory 202312-17 - Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution. Versions greater than or equal to 9.6_p1 are affected.
ba995f8d24608fff3aaab0d0ad90892e7d28d73639eaace76ba4733a544b788c
Debian Linux Security Advisory 5588-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
7af4170ad4031fd3d2a9ee78c01336ac9376c0590df4e88dd4e5550f0258ed24
Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.
eb54a28b3d95ad19c4329f6295f24f93dcd4b5a934d6c9ce761901a356063b87
Ubuntu Security Notice 6561-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
8f52ef16febd3fcb63d268e25f07f329e2c9d13758975705c9d030e5ddde6336
Ubuntu Security Notice 6560-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
51525d3d372386042a7048e135a3579c6ec9ecb0ef1d895b68c1fc09cff7aaec
In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.
3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93