Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 763048 (CVE-2020-14145)

Summary: <net-misc/openssh-8.4_p1: info leak in algorithm negotiation (CVE-2020-14145)
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: base-system
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.openwall.com/lists/oss-security/2020/12/02/1
Whiteboard: A4 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on: 751484    
Bug Blocks:    

Description John Helmert III gentoo-dev Security 2021-01-02 06:29:31 UTC
CVE-2020-14145:

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).

Patch: https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
Comment 1 Larry the Git Cow gentoo-dev 2021-02-06 13:49:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c78ffd4871e513b3c7ef6599503b446929b7ace

commit 6c78ffd4871e513b3c7ef6599503b446929b7ace
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-02-06 13:48:26 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-02-06 13:48:26 +0000

    net-misc/openssh: security cleanup (#763048)
    
    Bug: https://bugs.gentoo.org/763048
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-misc/openssh/Manifest                 |  13 -
 net-misc/openssh/openssh-8.1_p1-r5.ebuild | 471 ---------------------------
 net-misc/openssh/openssh-8.2_p1-r8.ebuild | 486 ----------------------------
 net-misc/openssh/openssh-8.3_p1-r6.ebuild | 511 ------------------------------
 4 files changed, 1481 deletions(-)
Comment 2 Thomas Deutschmann gentoo-dev Security 2021-05-24 00:23:32 UTC
New GLSA request filed.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 10:37:32 UTC
This issue was resolved and addressed in
 GLSA 202105-35 at https://security.gentoo.org/glsa/202105-35
by GLSA coordinator Thomas Deutschmann (whissi).