Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 575474 (CVE-2016-0787) - <net-libs/libssh2-1.7.0 : Wrong calculation of Diffie Helllman secret length (CVE-2016-0787)
Summary: <net-libs/libssh2-1.7.0 : Wrong calculation of Diffie Helllman secret length ...
Status: RESOLVED FIXED
Alias: CVE-2016-0787
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.libssh2.org/adv_20160223....
Whiteboard: A4 [glsa cve]
Keywords:
: 575740 (view as bug list)
Depends on:
Blocks:
 
Reported: 2016-02-23 13:20 UTC by Hanno Böck
Modified: 2016-06-26 13:00 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2016-02-23 13:20:55 UTC 
From advisory:
"During the SSHv2 handshake when libssh2 is to get a suitable value for 'group order' in the Diffle Hellman negotiation, it would pass in number of bytes to a function that expected number of bits. This would result in the library generating numbers using only an 8th the number of random bits than what were intended: 128 or 256 bits instead of 1023 or 2047"

Fix is in libssh 1.7.0.
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-23 15:17:35 UTC 
*** Bug 575484 has been marked as a duplicate of this bug. ***
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-27 06:56:07 UTC 
*** Bug 575740 has been marked as a duplicate of this bug. ***
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-27 07:30:01 UTC 
Arch teams, please test and mark stable:
=net-libs/libssh2-1.7.0
Targeted stable KEYWORDS : alpha amd64 arm arm64 hppa ia64 ppc ppc64 sparc x86
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-27 12:13:50 UTC 
Stable for PPC64.
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-27 12:43:23 UTC 
Stable for HPPA.
Comment 6 Agostino Sarubbo gentoo-dev 2016-03-02 14:00:25 UTC 
amd64 stable
Comment 7 Aaron Bauman (RETIRED) gentoo-dev 2016-03-13 11:46:33 UTC 
Added to existing GLSA.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2016-03-13 11:56:26 UTC 
CVE-2016-0787 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0787):
  A type confusion issue was found in the way libssh2 generated ephemeral
  secrets for the diffie-hellman-group1 and diffie-hellman-group14 key
  exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use
  significantly less secure random parameters.
Comment 9 Markus Meier gentoo-dev 2016-03-13 12:29:07 UTC 
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-03-15 16:43:20 UTC 
x86 stable
Comment 11 Tobias Klausmann (RETIRED) gentoo-dev 2016-03-16 09:23:41 UTC 
Stable on alpha.
Comment 12 Agostino Sarubbo gentoo-dev 2016-03-16 12:07:24 UTC 
ppc stable
Comment 13 Agostino Sarubbo gentoo-dev 2016-03-19 11:39:37 UTC 
sparc stable
Comment 14 Agostino Sarubbo gentoo-dev 2016-03-20 12:03:18 UTC 
ia64 stable
Comment 15 Aaron Bauman (RETIRED) gentoo-dev 2016-03-25 13:30:00 UTC 
stable arches complete.
Comment 16 Aaron Bauman (RETIRED) gentoo-dev 2016-03-25 13:31:33 UTC 
@maintainer, please cleanup the vulnerable versions.
Comment 17 Aaron Bauman (RETIRED) gentoo-dev 2016-06-21 06:29:08 UTC 
Added to existing GLSA.
Comment 18 GLSAMaker/CVETool Bot gentoo-dev 2016-06-26 13:00:45 UTC 
This issue was resolved and addressed in
 GLSA 201606-12 at https://security.gentoo.org/glsa/201606-12
by GLSA coordinator Aaron Bauman (b-man).