mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
libssh: Fix CVE-2025-8277
Upstream-Commits: https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=87db2659ec608a977a63eea529f17b9168388d73 & https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f & https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08 & https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1 The changes made to the file src/ecdh_crypto.c are excluded, present in the commit 266174a6d36687b65cf90174f06af90b8b27c65. The relevant changes in `ecdh_crypto.c` are located within the function `static ssh_string ssh_ecdh_generate`. This function, however, is not present in the `libssh-0.10.6` version. It was introduced in `libssh` version 0.11 by the commit `https://git.libssh.org/projects/libssh.git/commit/src/ecdh_crypto.c?h=stable-0.11&id=1eb3df5254a4348eae6edbc8a2bf08fef4015897`. Consequently, these changes cannot be directly applied to the `libssh-0.10.6` version. This aligns with the approach taken by other distributions, as Suse also did not backport the `ecdh_crypto.c` file changes in their `libssh-0.10.6-3.1.src.rpm` package, which is available at `https://cdimage.debian.org/mirror/opensuse.org/distribution/leap-micro/6.0/product/repo/openSUSE-Leap-Micro-6.0-x86_64-Media3/src/libssh-0.10.6-3.1.src.rpm`. Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Vijay Anusuri
committed by
Anuj Mittal
Anuj Mittal
parent
34093c56ae
commit
f6e2841080
@@ -0,0 +1,40 @@
|
||||
From 87db2659ec608a977a63eea529f17b9168388d73 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Tue, 5 Aug 2025 18:42:31 +0200
|
||||
Subject: CVE-2025-8277: packet: Adjust packet filter to work when DH-GEX is
|
||||
guessed wrongly
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit 4310a696f2d632c6742678077d703d9b9ff3bc0e)
|
||||
|
||||
Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=87db2659ec608a977a63eea529f17b9168388d73]
|
||||
CVE: CVE-2025-8277
|
||||
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
||||
---
|
||||
src/packet.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/packet.c b/src/packet.c
|
||||
index f15aa2ad..f54b3158 100644
|
||||
--- a/src/packet.c
|
||||
+++ b/src/packet.c
|
||||
@@ -294,6 +294,7 @@ static enum ssh_packet_filter_result_e ssh_packet_incoming_filter(ssh_session se
|
||||
* or session_state == SSH_SESSION_STATE_INITIAL_KEX
|
||||
* - dh_handshake_state == DH_STATE_INIT
|
||||
* or dh_handshake_state == DH_STATE_INIT_SENT (re-exchange)
|
||||
+ * or dh_handshake_state == DH_STATE_REQUEST_SENT (dh-gex)
|
||||
* or dh_handshake_state == DH_STATE_FINISHED (re-exchange)
|
||||
*
|
||||
* Transitions:
|
||||
@@ -313,6 +314,7 @@ static enum ssh_packet_filter_result_e ssh_packet_incoming_filter(ssh_session se
|
||||
|
||||
if ((session->dh_handshake_state != DH_STATE_INIT) &&
|
||||
(session->dh_handshake_state != DH_STATE_INIT_SENT) &&
|
||||
+ (session->dh_handshake_state != DH_STATE_REQUEST_SENT) &&
|
||||
(session->dh_handshake_state != DH_STATE_FINISHED))
|
||||
{
|
||||
rc = SSH_PACKET_DENIED;
|
||||
--
|
||||
cgit v1.2.3
|
||||
|
||||
@@ -0,0 +1,94 @@
|
||||
From 266174a6d36687b65cf90174f06af90b8b27c65f Mon Sep 17 00:00:00 2001
|
||||
From: Francesco Rollo <eferollo@gmail.com>
|
||||
Date: Thu, 24 Jul 2025 16:30:07 +0300
|
||||
Subject: [PATCH] CVE-2025-8277: Fix memory leak of unused ephemeral key pair
|
||||
after client's wrong KEX guess
|
||||
|
||||
Signed-off-by: Francesco Rollo <eferollo@gmail.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit ccff22d3787c1355b3f0dcd09fe54d90acc55bf1)
|
||||
|
||||
Changes in file 'src/ecdh_crypto.c' excluded.
|
||||
The relevant changes in `ecdh_crypto.c` are located within the function `static ssh_string ssh_ecdh_generate`. This function, however, is not present in the `libssh-0.10.6` version. It was introduced in `libssh` version 0.11 by the commit `https://git.libssh.org/projects/libssh.git/commit/src/ecdh_crypto.c?h=stable-0.11&id=1eb3df5254a4348eae6edbc8a2bf08fef4015897`.
|
||||
|
||||
Consequently, these changes cannot be directly applied to the `libssh-0.10.6` version. This aligns with the approach taken by other distributions, as Suse also did not backport the `ecdh_crypto.c` file changes in their `libssh-0.10.6-3.1.src.rpm` package, which is available at `https://cdimage.debian.org/mirror/opensuse.org/distribution/leap-micro/6.0/product/repo/openSUSE-Leap-Micro-6.0-x86_64-Media3/src/libssh-0.10.6-3.1.src.rpm`.
|
||||
|
||||
Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f]
|
||||
CVE: CVE-2025-8277
|
||||
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
||||
---
|
||||
src/dh_crypto.c | 5 +++++
|
||||
src/dh_key.c | 5 +++++
|
||||
src/ecdh_gcrypt.c | 6 ++++++
|
||||
src/ecdh_mbedcrypto.c | 6 ++++++
|
||||
4 files changed, 22 insertions(+)
|
||||
|
||||
diff --git a/src/dh_crypto.c b/src/dh_crypto.c
|
||||
index 4dd9b507..cedfbc81 100644
|
||||
--- a/src/dh_crypto.c
|
||||
+++ b/src/dh_crypto.c
|
||||
@@ -407,6 +407,11 @@ int ssh_dh_init_common(struct ssh_crypto_struct *crypto)
|
||||
struct dh_ctx *ctx = NULL;
|
||||
int rc;
|
||||
|
||||
+ /* Cleanup any previously allocated dh_ctx */
|
||||
+ if (crypto->dh_ctx != NULL) {
|
||||
+ ssh_dh_cleanup(crypto);
|
||||
+ }
|
||||
+
|
||||
ctx = calloc(1, sizeof(*ctx));
|
||||
if (ctx == NULL) {
|
||||
return SSH_ERROR;
|
||||
diff --git a/src/dh_key.c b/src/dh_key.c
|
||||
index 20d24a31..d9743ceb 100644
|
||||
--- a/src/dh_key.c
|
||||
+++ b/src/dh_key.c
|
||||
@@ -237,6 +237,11 @@ int ssh_dh_init_common(struct ssh_crypto_struct *crypto)
|
||||
struct dh_ctx *ctx = NULL;
|
||||
int rc;
|
||||
|
||||
+ /* Cleanup any previously allocated dh_ctx */
|
||||
+ if (crypto->dh_ctx != NULL) {
|
||||
+ ssh_dh_cleanup(crypto);
|
||||
+ }
|
||||
+
|
||||
ctx = calloc(1, sizeof(*ctx));
|
||||
if (ctx == NULL) {
|
||||
return SSH_ERROR;
|
||||
diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
|
||||
index 73fcd50f..b8d983c1 100644
|
||||
--- a/src/ecdh_gcrypt.c
|
||||
+++ b/src/ecdh_gcrypt.c
|
||||
@@ -101,6 +101,12 @@ int ssh_client_ecdh_init(ssh_session session)
|
||||
goto out;
|
||||
}
|
||||
|
||||
+ /* Free any previously allocated privkey */
|
||||
+ if (session->next_crypto->ecdh_privkey != NULL) {
|
||||
+ gcry_sexp_release(session->next_crypto->ecdh_privkey);
|
||||
+ session->next_crypto->ecdh_privkey = NULL;
|
||||
+ }
|
||||
+
|
||||
session->next_crypto->ecdh_privkey = key;
|
||||
key = NULL;
|
||||
session->next_crypto->ecdh_client_pubkey = client_pubkey;
|
||||
diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
|
||||
index dda73922..6074b93d 100644
|
||||
--- a/src/ecdh_mbedcrypto.c
|
||||
+++ b/src/ecdh_mbedcrypto.c
|
||||
@@ -70,6 +70,12 @@ int ssh_client_ecdh_init(ssh_session session)
|
||||
return SSH_ERROR;
|
||||
}
|
||||
|
||||
+ /* Free any previously allocated privkey */
|
||||
+ if (session->next_crypto->ecdh_privkey != NULL) {
|
||||
+ mbedtls_ecp_keypair_free(session->next_crypto->ecdh_privkey);
|
||||
+ SAFE_FREE(session->next_crypto->ecdh_privkey);
|
||||
+ }
|
||||
+
|
||||
session->next_crypto->ecdh_privkey = malloc(sizeof(mbedtls_ecp_keypair));
|
||||
if (session->next_crypto->ecdh_privkey == NULL) {
|
||||
return SSH_ERROR;
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
From 8e4d67aa9eda455bfad9ac610e54b7a548d0aa08 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Wed, 6 Aug 2025 11:10:38 +0200
|
||||
Subject: [PATCH] CVE-2025-8277: ecdh: Free previously allocated pubkeys
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit c9d95ab0c7a52b231bcec09afbea71944ed0d852)
|
||||
|
||||
Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08]
|
||||
CVE: CVE-2025-8277
|
||||
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
||||
---
|
||||
src/ecdh_crypto.c | 1 +
|
||||
src/ecdh_gcrypt.c | 3 ++-
|
||||
2 files changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c
|
||||
index 069b1372..4a029db3 100644
|
||||
--- a/src/ecdh_crypto.c
|
||||
+++ b/src/ecdh_crypto.c
|
||||
@@ -220,6 +220,7 @@ int ssh_client_ecdh_init(ssh_session session){
|
||||
}
|
||||
|
||||
session->next_crypto->ecdh_privkey = key;
|
||||
+ ssh_string_free(session->next_crypto->ecdh_client_pubkey);
|
||||
session->next_crypto->ecdh_client_pubkey = client_pubkey;
|
||||
|
||||
/* register the packet callbacks */
|
||||
diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
|
||||
index b8d983c1..662497e3 100644
|
||||
--- a/src/ecdh_gcrypt.c
|
||||
+++ b/src/ecdh_gcrypt.c
|
||||
@@ -106,9 +106,10 @@ int ssh_client_ecdh_init(ssh_session session)
|
||||
gcry_sexp_release(session->next_crypto->ecdh_privkey);
|
||||
session->next_crypto->ecdh_privkey = NULL;
|
||||
}
|
||||
-
|
||||
session->next_crypto->ecdh_privkey = key;
|
||||
key = NULL;
|
||||
+
|
||||
+ SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
|
||||
session->next_crypto->ecdh_client_pubkey = client_pubkey;
|
||||
client_pubkey = NULL;
|
||||
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
From 1c763e29d138db87665e98983f468d2dd0f286c1 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Wed, 6 Aug 2025 15:32:56 +0200
|
||||
Subject: [PATCH] CVE-2025-8277: mbedtls: Avoid leaking ecdh keys
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit ffed80f8c078122990a4eba2b275facd56dd43e0)
|
||||
|
||||
Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1]
|
||||
CVE: CVE-2025-8277
|
||||
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
||||
---
|
||||
src/ecdh_mbedcrypto.c | 1 +
|
||||
src/wrapper.c | 5 ++++-
|
||||
2 files changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
|
||||
index 6074b93d..351aa655 100644
|
||||
--- a/src/ecdh_mbedcrypto.c
|
||||
+++ b/src/ecdh_mbedcrypto.c
|
||||
@@ -116,6 +116,7 @@ int ssh_client_ecdh_init(ssh_session session)
|
||||
goto out;
|
||||
}
|
||||
|
||||
+ SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
|
||||
session->next_crypto->ecdh_client_pubkey = client_pubkey;
|
||||
client_pubkey = NULL;
|
||||
|
||||
diff --git a/src/wrapper.c b/src/wrapper.c
|
||||
index 43bf2137..0397f96d 100644
|
||||
--- a/src/wrapper.c
|
||||
+++ b/src/wrapper.c
|
||||
@@ -193,7 +193,10 @@ void crypto_free(struct ssh_crypto_struct *crypto)
|
||||
#endif
|
||||
crypto->ecdh_privkey = NULL;
|
||||
}
|
||||
-#endif
|
||||
+#elif defined HAVE_LIBMBEDCRYPTO
|
||||
+ mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
|
||||
+ SAFE_FREE(crypto->ecdh_privkey);
|
||||
+#endif /* HAVE_LIBGCRYPT */
|
||||
SAFE_FREE(crypto->dh_server_signature);
|
||||
if (crypto->session_id != NULL) {
|
||||
explicit_bzero(crypto->session_id, crypto->session_id_len);
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -18,6 +18,10 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
|
||||
file://CVE-2025-4878-0002.patch \
|
||||
file://CVE-2025-5987.patch \
|
||||
file://CVE-2025-8114.patch \
|
||||
file://CVE-2025-8277-1.patch \
|
||||
file://CVE-2025-8277-2.patch \
|
||||
file://CVE-2025-8277-3.patch \
|
||||
file://CVE-2025-8277-4.patch \
|
||||
"
|
||||
SRCREV = "10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user