Bugzilla – Bug 849536
VUL-0: CVE-2013-4548: openssh: memory corruption in post-authentication session allow code execution
Last modified: 2016-08-31 04:24:45 UTC
OSS:11446 A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during kex exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations. References: http://www.openssh.com/txt/gcmrekey.adv http://comments.gmane.org/gmane.comp.security.oss.general/11446
The SWAMPID for this issue is 55036. This issue was rated as important. Please submit fixed packages until 2013-11-15. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
This has a precondition that AES-GCM is supported by openssl. Our openssl version currently in SUSE Linux Enterprise Server 11 does not support AES-GCM, so openssh is built without this support. So SUSE Linux Enterprise Server 11 and older are not affected by this security issue. (in buildlog: [ 70s] checking whether OpenSSL has AES GCM via EVP... no ) openSUSE 13.1 is affected by this problem. openSUSE 12.3 and older versions use older openssh versions without support for this cipher.
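The advisory and the comment above make the condition clear: the bug is only reachable when sshd can negotiate one of the two AES-GCM ciphers, which requires both an OpenSSL with GCM support and a cipher list that offers them. The following shell helpers are an added example, not part of this bug report or of the openssh package; they read an sshd_config, decide whether an AES-GCM cipher could be negotiated under it, and print a Ciphers value with those two ciphers removed. The DEFAULT_CIPHERS list is an assumption taken from the OpenSSH 6.2 default for a GCM-capable build; the sample config file is constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the bug report): audit an sshd_config for the
# AES-GCM ciphers named in CVE-2013-4548 and derive a Ciphers line without them.

# Assumed default cipher list of OpenSSH 6.2 when built against an OpenSSL
# that provides AES-GCM (sshd offers this list when no Ciphers line is set).
DEFAULT_CIPHERS="aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour"

# Print the cipher list sshd would actually offer for the given config file:
# the first (case-insensitive) Ciphers directive wins, otherwise the default.
effective_ciphers() {
    list=$(awk 'tolower($1) == "ciphers" { print $2; exit }' "$1")
    if [ -n "$list" ]; then
        printf '%s\n' "$list"
    else
        printf '%s\n' "$DEFAULT_CIPHERS"
    fi
}

# Return 0 (true) if an AES-GCM cipher can be negotiated under this config.
gcm_enabled() {
    effective_ciphers "$1" | grep -q 'gcm@openssh\.com'
}

# Print the effective list with both AES-GCM ciphers removed, ready to be used
# as the value of a Ciphers directive on a host that cannot be updated yet.
strip_gcm() {
    effective_ciphers "$1" | tr ',' '\n' | grep -v 'gcm@openssh\.com' | paste -sd, -
}

# Demo on a constructed config that relies on the defaults (no Ciphers line).
demo_cfg=$(mktemp)
printf 'Port 22\nPermitRootLogin no\n' > "$demo_cfg"
if gcm_enabled "$demo_cfg"; then
    echo "AES-GCM negotiable; suggested directive:"
    echo "Ciphers $(strip_gcm "$demo_cfg")"
else
    echo "AES-GCM not offered by this config"
fi
rm -f "$demo_cfg"
```

Run it against /etc/ssh/sshd_config on an openSUSE 13.1 host to see whether the default cipher set still exposes the GCM path; once the fixed openssh-6.2p2-3.4.1 package is installed the Ciphers restriction is no longer needed.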
This is an autogenerated message for OBS integration: This bug (849536) was mentioned in https://build.opensuse.org/request/show/206335 13.1 / openssh
bugbot adjusting priority
Update released for openSUSE 13.1. Resolved fixed.
openSUSE-SU-2013:1726-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 849536 CVE References: CVE-2013-4548 Sources used: openSUSE 13.1 (src): openssh-6.2p2-3.4.1, openssh-askpass-gnome-6.2p2-3.4.1
This is an autogenerated message for OBS integration: This bug (849536) was mentioned in https://build.opensuse.org/request/show/207991 Factory / openssh