Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 876907 (CVE-2021-36369) - <net-misc/dropbear-2022.82: forwarded agent abuse
Summary: <net-misc/dropbear-2022.82: forwarded agent abuse
Status: RESOLVED FIXED
Alias: CVE-2021-36369
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://github.com/mkj/dropbear/relea...
Whiteboard: B4 [glsa?]
Keywords:
Depends on: 877023
Blocks:
  Show dependency tree
 
Reported: 2022-10-13 01:52 UTC by John Helmert III
Modified: 2023-03-06 04:32 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-13 01:52:15 UTC 
CVE-2021-36369 (https://github.com/mkj/dropbear/pull/128):

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.

Please stabilize 2022.82.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-11-28 04:02:30 UTC 
Please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2023-03-01 13:44:50 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d6a3e2a78ea3a3a82e933bbc71f25b995aa7b5c

commit 2d6a3e2a78ea3a3a82e933bbc71f25b995aa7b5c
Author:     Viorel Munteanu <ceamac@gentoo.org>
AuthorDate: 2023-03-01 12:53:53 +0000
Commit:     Viorel Munteanu <ceamac@gentoo.org>
CommitDate: 2023-03-01 13:41:28 +0000

    net-misc/dropbear: drop 2020.81-r3
    
    Bug: https://bugs.gentoo.org/876907
    Signed-off-by: Viorel Munteanu <ceamac@gentoo.org>

 net-misc/dropbear/Manifest                   |   1 -
 net-misc/dropbear/dropbear-2020.81-r3.ebuild | 125 ---------------------------
 2 files changed, 126 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-03-06 04:32:03 UTC 
Thanks! Complex/high requirements to exploit, so no GLSA. All done!