Date: Fri, 21 Feb 2025 03:09:29 GMT
Message-Id: <202502210309.51L39Tum002057@gitrepo.freebsd.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
From: Gordon Tetlow
Subject: git: 31a650820f - main - Add SA-25:05.openssh.
List-Id: Commit messages for all branches of the doc repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all
X-Git-Committer: gordon
X-Git-Repository: doc
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 31a650820fb947107470d17e32c9338697cba850
Auto-Submitted: auto-generated

The branch main has been updated by gordon:

URL: https://cgit.FreeBSD.org/doc/commit/?id=31a650820fb947107470d17e32c9338697cba850

commit 31a650820fb947107470d17e32c9338697cba850
Author:     Gordon Tetlow
AuthorDate: 2025-02-21 03:09:14 +0000
Commit:     Gordon Tetlow
CommitDate: 2025-02-21 03:09:14 +0000

    Add SA-25:05.openssh.

    Approved by:    so

--- website/data/security/advisories.toml | 4 + .../advisories/FreeBSD-SA-25:05.openssh.asc | 180 +++++++++++++++++++++ .../static/security/patches/SA-25:05/openssh.patch | 143 ++++++++++++++++ .../security/patches/SA-25:05/openssh.patch.asc | 16 ++ 4 files changed, 343 insertions(+) diff --git a/website/data/security/advisories.toml b/website/data/security/advisories.toml index 8e676bbf20..fb54b5d5e6 100644 --- a/website/data/security/advisories.toml +++ b/website/data/security/advisories.toml @@ -1,6 +1,10 @@ # Sort advisories by year, month and day # $FreeBSD$ +[[advisories]] +name = "FreeBSD-SA-25:05.openssh" +date = "2025-02-21" + [[advisories]] name = "FreeBSD-SA-25:04.ktrace" date = "2025-01-29" diff --git a/website/static/security/advisories/FreeBSD-SA-25:05.openssh.asc b/website/static/security/advisories/FreeBSD-SA-25:05.openssh.asc new file mode 100644 index 0000000000..9410baf89b --- /dev/null +++ b/website/static/security/advisories/FreeBSD-SA-25:05.openssh.asc
@@ -0,0 +1,180 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-25:05.openssh Security Advisory + The FreeBSD Project + +Topic: Multiple vulnerabilities in OpenSSH + +Category: contrib +Module: openssh +Announced: 2025-02-21 +Credits: Qualys Security Advisory team +Affects: All supported versions of FreeBSD. +Corrected: 2025-02-19 14:54:37 UTC (stable/14, 14.2-STABLE) + 2025-02-21 02:56:26 UTC (releng/14.2, 14.2-RELEASE-p2) + 2025-02-21 02:56:40 UTC (releng/14.1, 14.1-RELEASE-p8) + 2025-02-19 16:05:16 UTC (stable/13, 13.5-STABLE) + 2025-02-20 18:00:47 UTC (releng/13.5, 13.5-BETA3) + 2025-02-21 02:56:50 UTC (releng/13.4, 13.4-RELEASE-p4) +CVE Name: CVE-2025-26465, CVE-2025-26466 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +OpenSSH is an implementation of the SSH protocol suite, providing an +encrypted and authenticated transport for a variety of services, including +remote shell access. + +II. Problem Description + +* OpenSSH client host verification error (CVE-2025-26465) + +ssh(1) contains a logic error that allows an on-path attacker to impersonate +any server during certain conditions when the VerifyHostKeyDNS option is +enabled. + +* OpenSSH server denial of service (CVE-2025-26466) + +The OpenSSH client and server are both vulnerable to a memory/CPU denial of +service while handling SSH2_MSG_PING packets. + +III. Impact + +* OpenSSH client host verification error (CVE-2025-26465) + +Under specific circumstances, a machine-in-the-middle may impersonate any +server when the client has the VerifyHostKeyDNS option enabled. + +* OpenSSH server denial of service (CVE-2025-26466) + +During the processing of SSH2_MSG_PING packets, a server may be subject to a +memory/CPU denial of service. + +IV. 
Workaround + +* OpenSSH client host verification error (CVE-2025-26465) + +Disable the VerifyHostKeyDNS configuration directive in the ssh(1) +configuration and rely on trust-on-first-use host keys or SSH certificate based +host keys. See ssh_config(5). + +* OpenSSH server denial of service (CVE-2025-26466) + +No workaround is available, but this condition may be mitigated in the server +by using the LoginGraceTime and MaxStartups server configuration directives. +See sshd_config(5). + +V. Solution + +Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date and +restart sshd(8). + +Perform one of the following: + +1) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, +or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8) +utility: + +# freebsd-update fetch +# freebsd-update install +# ## freebsd-update will automatically restart sshd. + +Note: The binary update provided by freebsd-update is slightly different than +the patch in the source tree. Specifically, the commented out VersionAddendum +in the ssh_config(5) and sshd_config(5) files and corresponding manpages is +not included to prevent an unnecessary interactive merge operation. Since +this was only to update a comment, it was deemed preferred to have this +slight divergence to improve the end-user experience. The underlying source +code is otherwise the same. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. 
+ +# fetch https://security.FreeBSD.org/patches/SA-25:05/openssh.patch +# fetch https://security.FreeBSD.org/patches/SA-25:05/openssh.patch.asc +# gpg --verify openssh.patch.asc + +Note: The patch listed here is the patch used by the freebsd-update build and +is lacking the changes for the VersionAddendum comments in the configuration +files and manpages. + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart the applicable daemons, or reboot the system. + +VI. Correction details + +This issue is corrected as of the corresponding Git commit hash in the +following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/14/ 24ce323f020f stable/14-n270447 +releng/14.2/ 4b8a2f716588 releng/14.2-n269517 +releng/14.1/ fe49460873e0 releng/14.1-n267740 +stable/13/ 2fc62d0bd4f7 stable/13-n259174 +releng/13.5/ 78b4f775184c releng/13.5-n259148 +releng/13.4/ 14c733f25493 releng/13.4-n258278 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. 
References + + + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAme37REACgkQbljekB8A +Gu/++hAAuhFt0VHitGW+zyAv6m6AXTT/l9O+77jqacIGtut1MkXUfqkdDrXLUo+Y +2OT2zXyGqygiHFB5n0+Ww4wFBUxWIFXFlIArTNp1CuYvwbxTJEi9A4X7X9TfseB0 +F96RN2RA2cIjbDfADr/mcnyBLzA1JMSC35VKOFM3k3Qv4X+vmk6B6n32I7iRA2UO +EUW4wO1N9y2u2rFujadevukK1nfktb7GStC7lVoesPAteCj4hzU8tp316NgAhqT1 +p046lqqgeDfyMC+YxSJDhoelEnT+5kUSFX7f193wJpUTPkdN1z+8fpmQdQXndvlR +skzjgICdy2ApkSadCDnNAWQYAhRwo7xPX3SwbLx6RRA8LpVWJb6pj8ThLxsVBSEE +UiUqkWjFRiHaE+CiZpZptAfEbCcLCwpxqgtrZRkZcu5KuzI0I/wCvYWpRuSqBE2/ +QBGP7+bLCRKtHCb8LsYoOpmZO9fkbEIKURA4ym+WQWubxjG2d7L5rzNggKe/KoUj +F9SK6c3220dGGEaqTbjPt9D9NkC9H4XH32HsRwFkjxg6//PrASsVc9n+E14baNGk +3Xfqk1uBiJSTwMk1a6r1pRR1O3YOO6g4CYkptJdW94ju2R6ni8yFe+Zbx5KZIYvu +Cn5JCAb0u5xCr4brDqk7EvvAh245w+CiO5BaM5HmoWDncGxD5oU= +=wbm/ +-----END PGP SIGNATURE----- diff --git a/website/static/security/patches/SA-25:05/openssh.patch b/website/static/security/patches/SA-25:05/openssh.patch new file mode 100644 index 0000000000..4d49fe53ef --- /dev/null +++ b/website/static/security/patches/SA-25:05/openssh.patch 
@@ -0,0 +1,143 @@ +--- crypto/openssh/krl.c.orig ++++ crypto/openssh/krl.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: krl.c,v 1.59 2023/07/17 05:22:30 djm Exp $ */ ++/* $OpenBSD: krl.c,v 1.60 2025/02/18 08:02:48 djm Exp $ */ + /* + * Copyright (c) 2012 Damien Miller + * +@@ -674,6 +674,7 @@ + break; + case KRL_SECTION_CERT_SERIAL_BITMAP: + if (rs->lo - bitmap_start > INT_MAX) { ++ r = SSH_ERR_INVALID_FORMAT; + error_f("insane bitmap gap"); + goto out; + } +@@ -1059,6 +1060,7 @@ + } + + if ((krl = ssh_krl_init()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; + error_f("alloc failed"); + goto out; + } +--- crypto/openssh/ssh-agent.c.orig ++++ crypto/openssh/ssh-agent.c +@@ -1226,6 +1226,7 @@ + "restrict-destination-v00@openssh.com") == 0) { + if (*dcsp != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_froms(m, &b)) != 0) { +@@ -1235,6 +1236,7 @@ + while (sshbuf_len(b) != 0) { + if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1, +@@ -1252,6 +1254,7 @@ + } + if (*certs != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_get_u8(m, &v)) != 0 || +@@ -1263,6 +1266,7 @@ + while (sshbuf_len(b) != 0) { + if (*ncerts >= AGENT_MAX_EXT_CERTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *certs = xrecallocarray(*certs, *ncerts, *ncerts + 1, +@@ -1759,6 +1763,7 @@ + /* record new key/sid */ + if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { + error_f("too many session IDs recorded"); ++ r = -1; + goto out; + } + e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids, +--- crypto/openssh/ssh-sk-client.c.orig ++++ crypto/openssh/ssh-sk-client.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: ssh-sk-client.c,v 1.12 2022/01/14 03:34:00 djm Exp $ */ ++/* $OpenBSD: ssh-sk-client.c,v 1.13 
2025/02/18 08:02:48 djm Exp $ */ + /* + * Copyright (c) 2019 Google LLC + * +@@ -439,6 +439,7 @@ + } + if ((srk = calloc(1, sizeof(*srk))) == NULL) { + error_f("calloc failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + srk->key = key; +@@ -450,6 +451,7 @@ + if ((tmp = recallocarray(srks, nsrks, nsrks + 1, + sizeof(*srks))) == NULL) { + error_f("recallocarray keys failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + debug_f("srks[%zu]: %s %s uidlen %zu", nsrks, +--- crypto/openssh/sshconnect2.c.orig ++++ crypto/openssh/sshconnect2.c +@@ -101,7 +101,7 @@ + options.required_rsa_size)) != 0) + fatal_r(r, "Bad server host key"); + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, +- xxx_conn_info) == -1) ++ xxx_conn_info) != 0) + fatal("Host key verification failed."); + return 0; + } +@@ -700,6 +700,7 @@ + + if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { + debug_f("server sent unknown pkalg %s", pkalg); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { +@@ -710,6 +711,7 @@ + error("input_userauth_pk_ok: type mismatch " + "for decoded key (received %d, expected %d)", + key->type, pktype); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + +@@ -729,6 +731,7 @@ + SSH_FP_DEFAULT); + error_f("server replied with unknown key: %s %s", + sshkey_type(key), fp == NULL ? "" : fp); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + ident = format_identity(id); +--- crypto/openssh/sshsig.c.orig ++++ crypto/openssh/sshsig.c +@@ -874,6 +874,7 @@ + } + if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { + error_f("buffer error"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + /* success */ +--- crypto/openssh/version.h.orig ++++ crypto/openssh/version.h +@@ -5,4 +5,4 @@ + #define SSH_PORTABLE "p1" + #define SSH_RELEASE SSH_VERSION SSH_PORTABLE + +-#define SSH_VERSION_FREEBSD "FreeBSD-20240806" ++#define SSH_VERSION_FREEBSD "FreeBSD-20250219" 
diff --git a/website/static/security/patches/SA-25:05/openssh.patch.asc b/website/static/security/patches/SA-25:05/openssh.patch.asc new file mode 100644 index 0000000000..9aa682debb --- /dev/null +++ b/website/static/security/patches/SA-25:05/openssh.patch.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAme37RsACgkQbljekB8A +Gu+RqQ/7BbQmr0mfrOW8uVnS0pPLrcsi4LAFZkHP6G0K/3aLDPqTVrzwHgkhG946 +zQNWRgRSqhc76e11DFmYmp7qjhxB+EZNURd8SXVgvKBesOhDLkkFt2BT+UGehuhf +Zehpqqhtnn8LcG3yy+mN6bS7kdUs+Wgo58fRPCEntD34sBjchuNJBXyiinLEKpn/ +Ce8La4AVhBhsdgtoySWkYQsVBkMhK0vX9nFp0yNKItiZX1NzOkCitF87LEEUZ0ks +8zFVHe+MU5yBAtqazeww1RGo60zjwTjvYAAvQKolEjc371RwYb1N1q36BuEgrLeK +iVXvE2GKYGeMNk8JW5bvnZoeQnPKKFAn6fIY5upUxznAmL6lH7nHYeM7H5VuAdTY +uo9NMdPOroBrPLHuVIFG+smtdPhwskw20TKogszeSSx+ivjKy3TBaroxF5/rtSEb +Cu+rojnKI6Bv79/oa26lmq2fp5RXCKlvU2AFsIwBqowfo+NUWi7QjW4ca/Gy+wZL +qR+5DkgVSzKxAHZs/DlMPELMhXEqJ67WhOyQmpT3Uu9xclmDUR9NoMNnrAx7urUS +WAdczlN17HdARtaS/6czSsq1Ey3zl0xeetF+XgMmcJeG4NrqV1fBxz37rn4P44+T +LA12vG3W2ZqPVgOYTGDvYJa6l15AwX5JSsVqbSZ7Rq1vh5KmdUk= +=FUbX +-----END PGP SIGNATURE-----
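Review bot: In the new FreeBSD-SA-25:05.openssh.asc, section II states of CVE-2025-26466 that "The OpenSSH client and server are both vulnerable" to the SSH2_MSG_PING denial of service, but the item heading, section III and section IV describe it only as a server issue and offer only sshd_config(5) mitigations (LoginGraceTime, MaxStartups). Suggest either retitling the item "OpenSSH denial of service" and saying in III and IV that ssh(1) is affected too with no client-side workaround, or dropping "client" from II so the three sections agree.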
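Review bot: In the sshconnect2.c hunk of openssh.patch, the old test `verify_host_key(...) == -1` treated every other nonzero return as success, so a failure path that propagated a different error code let the connection proceed; changing it to `!= 0` is the right fix for CVE-2025-26465. Suggest a one-line comment at the call site (e.g. `/* any nonzero return is a verification failure */`) so a later cleanup does not reintroduce the -1 comparison, and confirm no other caller of verify_host_key() in the tree still compares against -1.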
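Review bot: The ssh-agent.c hunks all assign `r` before `goto out` on paths that previously logged an error and jumped with `r` still holding the 0 from an earlier successful sshbuf call, which is how the function could report success after rejecting its input; the same pattern is applied in krl.c, ssh-sk-client.c and sshsig.c. The session-ID hunk uses `r = -1` where the four constraint hunks use `r = SSH_ERR_INVALID_FORMAT`; confirm that the enclosing function's callers check for a plain -1 rather than an SSH_ERR_* code, and if both conventions coexist in that file, a short comment at the `r = -1` would save the next reader the same question.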
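Review bot: The version.h hunk bumps SSH_VERSION_FREEBSD to "FreeBSD-20250219", but section V of the advisory never tells administrators how to confirm the fix is installed. Suggest adding, after the freebsd-update steps, that the version string reported by ssh(1) and sshd(8) should now end in FreeBSD-20250219; this matters here because the note in V explains that the binary update intentionally differs from the source patch in the VersionAddendum comments, so the version string is the one check that works for both update paths.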