ALP-pool/libssh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 libssh revision 7d946196a5c292a9e043f78be38a85a9

Browse Source
This commit is contained in:
Adrian Schröter
2025-08-14 11:15:56 +02:00
parent e4d69c627f
commit 84b8700ce6
9 changed files with 2874 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
libssh-CVE-2025-4877.patch Normal file
View File

@@ -0,0 +1,52 @@
From 00f09acbec55962839fc7837ef14c56fb8fbaf72 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 15 Apr 2025 11:41:24 +0200
Subject: CVE-2025-4877 base64: Prevent integer overflow and potential OOB
Set maximum input to 256MB to have safe margin to the 1GB trigger point
for 32b arch.
The OOB should not be reachable by any internal code paths as most of
the buffers and strings we use as input for this operation already have
similar limit and none really allows this much of data.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/base64.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/base64.c b/src/base64.c
index 0d8e378a..73dd0f77 100644
--- a/src/base64.c
+++ b/src/base64.c
@@ -29,6 +29,9 @@
#include "libssh/priv.h"
#include "libssh/buffer.h"
+/* Do not allow encoding more than 256MB of data */
+#define BASE64_MAX_INPUT_LEN 256 * 1024 * 1024
+
static
const uint8_t alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
@@ -278,7 +281,15 @@ uint8_t *bin_to_base64(const uint8_t *source, size_t len)
{
uint8_t *base64 = NULL;
uint8_t *ptr = NULL;
- size_t flen = len + (3 - (len % 3)); /* round to upper 3 multiple */
+ size_t flen = 0;
+
+ /* Set the artificial upper limit for the input. Otherwise on 32b arch, the
+ * following line could overflow for sizes larger than SIZE_MAX / 4 */
+ if (len > BASE64_MAX_INPUT_LEN) {
+ return NULL;
+ }
+
+ flen = len + (3 - (len % 3)); /* round to upper 3 multiple */
flen = (4 * flen) / 3 + 1;
base64 = malloc(flen);
--
cgit v1.2.3

2536
libssh-CVE-2025-4878-1.patch Normal file
View File

File diff suppressed because it is too large Load Diff

28
libssh-CVE-2025-4878-2.patch Normal file
View File

@@ -0,0 +1,28 @@
From 8dc29f140be33b34e6e4a0c228bdce18eb610441 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 28 Apr 2025 11:04:55 +0200
Subject: CVE-2025-4878 legacy: Properly check return value to avoid NULL
pointer dereference
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/legacy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/legacy.c b/src/legacy.c
index 6ba5c624..65a47d6e 100644
--- a/src/legacy.c
+++ b/src/legacy.c
@@ -441,7 +441,7 @@ ssh_private_key privatekey_from_file(ssh_session session,
auth_fn,
auth_data,
&key);
- if (rc == SSH_ERROR) {
+ if (rc != SSH_OK) {
return NULL;
}
--
cgit v1.2.3

24
libssh-CVE-2025-5318.patch Normal file
View File

@@ -0,0 +1,24 @@
From ae8881dfe54214c0c0eb88345c35e15a14081b3d Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 22 Apr 2025 21:18:44 +0200
Subject: CVE-2025-5318: sftpserver: Fix possible buffer overrun
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/sftpserver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: libssh-0.10.6/src/sftpserver.c
===================================================================
--- libssh-0.10.6.orig/src/sftpserver.c
+++ libssh-0.10.6/src/sftpserver.c
@@ -538,7 +538,7 @@ void *sftp_handle(sftp_session sftp, ssh
memcpy(&val, ssh_string_data(handle), sizeof(uint32_t));
- if (val > SFTP_HANDLES) {
+ if (val >= SFTP_HANDLES) {
return NULL;
}

31
libssh-CVE-2025-5351.patch Normal file
View File

@@ -0,0 +1,31 @@
From acb158e8277adad473ed32ea1640a3d0b70d733b Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 6 May 2025 22:43:31 +0200
Subject: CVE-2025-5351 pki_crypto: Avoid double-free on low-memory conditions
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/pki_crypto.c | 2 ++
1 file changed, 2 insertions(+)
Index: libssh-0.10.6/src/pki_crypto.c
===================================================================
--- libssh-0.10.6.orig/src/pki_crypto.c
+++ libssh-0.10.6/src/pki_crypto.c
@@ -1962,6 +1962,7 @@ ssh_string pki_publickey_to_blob(const s
bignum_safe_free(bg);
bignum_safe_free(bpub_key);
OSSL_PARAM_free(params);
+ params = NULL;
#endif /* OPENSSL_VERSION_NUMBER */
break;
@@ -2023,6 +2024,7 @@ ssh_string pki_publickey_to_blob(const s
bignum_safe_free(bn);
bignum_safe_free(be);
OSSL_PARAM_free(params);
+ params = NULL;
#endif /* OPENSSL_VERSION_NUMBER */
break;
}

143
libssh-CVE-2025-5372.patch Normal file
View File

@@ -0,0 +1,143 @@
From e2afe196d8d77c42b2a764ae86f92c2964221f69 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 14 May 2025 14:07:58 +0200
Subject: CVE-2025-5372 libgcrypto: Simplify error checking and handling of
return codes in ssh_kdf()
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/libcrypto.c | 62 ++++++++++++++++++++++++++-------------------------------
1 file changed, 28 insertions(+), 34 deletions(-)
Index: libssh-0.10.6/src/libcrypto.c
===================================================================
--- libssh-0.10.6.orig/src/libcrypto.c
+++ libssh-0.10.6/src/libcrypto.c
@@ -163,7 +163,7 @@ int ssh_kdf(struct ssh_crypto_struct *cr
uint8_t key_type, unsigned char *output,
size_t requested_len)
{
- int rc = -1;
+ int ret = SSH_ERROR, rv;
#if OPENSSL_VERSION_NUMBER < 0x30000000L
EVP_KDF_CTX *ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF);
#else
@@ -185,81 +185,75 @@ int ssh_kdf(struct ssh_crypto_struct *cr
}
#if OPENSSL_VERSION_NUMBER < 0x30000000L
- rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD,
+ rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD,
sshkdf_digest_to_md(crypto->digest_type));
- if (rc != 1) {
+ if (rv != 1) {
goto out;
}
- rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, key, key_len);
- if (rc != 1) {
+ rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, key, key_len);
+ if (rv != 1) {
goto out;
}
- rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
+ rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
crypto->secret_hash, crypto->digest_len);
- if (rc != 1) {
+ if (rv != 1) {
goto out;
}
- rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, key_type);
- if (rc != 1) {
+ rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, key_type);
+ if (rv != 1) {
goto out;
}
- rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
+ rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
crypto->session_id, crypto->session_id_len);
- if (rc != 1) {
+ if (rv != 1) {
goto out;
}
- rc = EVP_KDF_derive(ctx, output, requested_len);
- if (rc != 1) {
+ rv = EVP_KDF_derive(ctx, output, requested_len);
+ if (rv != 1) {
goto out;
}
#else
- rc = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST,
+ rv = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST,
md, strlen(md));
- if (rc != 1) {
- rc = -1;
+ if (rv != 1) {
goto out;
}
- rc = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY,
+ rv = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY,
key, key_len);
- if (rc != 1) {
- rc = -1;
+ if (rv != 1) {
goto out;
}
- rc = OSSL_PARAM_BLD_push_octet_string(param_bld,
+ rv = OSSL_PARAM_BLD_push_octet_string(param_bld,
OSSL_KDF_PARAM_SSHKDF_XCGHASH,
crypto->secret_hash,
crypto->digest_len);
- if (rc != 1) {
- rc = -1;
+ if (rv != 1) {
goto out;
}
- rc = OSSL_PARAM_BLD_push_octet_string(param_bld,
+ rv = OSSL_PARAM_BLD_push_octet_string(param_bld,
OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
crypto->session_id,
crypto->session_id_len);
- if (rc != 1) {
- rc = -1;
+ if (rv != 1) {
goto out;
}
- rc = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE,
+ rv = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE,
(const char*)&key_type, 1);
- if (rc != 1) {
- rc = -1;
+ if (rv != 1) {
goto out;
}
params = OSSL_PARAM_BLD_to_param(param_bld);
if (params == NULL) {
- rc = -1;
goto out;
}
- rc = EVP_KDF_derive(ctx, output, requested_len, params);
- if (rc != 1) {
- rc = -1;
+ rv = EVP_KDF_derive(ctx, output, requested_len, params);
+ if (rv != 1) {
goto out;
}
#endif /* OPENSSL_VERSION_NUMBER */
+ ret = SSH_OK;
out:
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
@@ -267,8 +261,8 @@ out:
OSSL_PARAM_free(params);
#endif
EVP_KDF_CTX_free(ctx);
- if (rc < 0) {
- return rc;
+ if (ret < 0) {
+ return ret;
}
return 0;
}

28
libssh-CVE-2025-5987.patch Normal file
View File

@@ -0,0 +1,28 @@
From bc4804aa9bb1092a4ede288cb29cae4506c0e393 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 6 May 2025 22:51:41 +0200
Subject: CVE-2025-5987 libcrypto: Correctly detect failures of chacha
initialization
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/libcrypto.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: libssh-0.10.6/src/libcrypto.c
===================================================================
--- libssh-0.10.6.orig/src/libcrypto.c
+++ libssh-0.10.6/src/libcrypto.c
@@ -771,9 +771,9 @@ chacha20_poly1305_set_key(struct ssh_cip
SSH_LOG(SSH_LOG_WARNING, "EVP_CIPHER_CTX_new failed");
goto out;
}
- ret = EVP_EncryptInit_ex(ctx->header_evp, EVP_chacha20(), NULL,
+ rv = EVP_EncryptInit_ex(ctx->header_evp, EVP_chacha20(), NULL,
u8key + CHACHA20_KEYLEN, NULL);
- if (ret != 1) {
+ if (rv != 1) {
SSH_LOG(SSH_LOG_WARNING, "EVP_CipherInit failed");
goto out;
}

18
libssh.changes
View File

@@ -1,3 +1,21 @@
-------------------------------------------------------------------
Wed Jun 25 16:41:05 UTC 2025 - Lucas Mulling <lucas.mulling@suse.com>
- Fix CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314)
* Add patch libssh-CVE-2025-5372.patch
- Fix CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend (bsc#1245317)
* Add patch libssh-CVE-2025-5987.patch
- Fix CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309)
* Add patch libssh-CVE-2025-4877.patch
- Fix CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
* Add patches:
- libssh-CVE-2025-4878-1.patch
- libssh-CVE-2025-4878-2.patch
- Fix CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311)
* Add patch libssh-CVE-2025-5318.patch
- Fix CVE-2025-5351: Double free in functions exporting keys (bsc#1245312)
* Add patch libssh-CVE-2025-5351.patch
-------------------------------------------------------------------
Sat Dec 23 10:35:07 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>

14
libssh.spec
View File

@@ -44,6 +44,19 @@ Source4: libssh_server.config
Source99: baselibs.conf
Patch0: 0001-disable-timeout-test-on-slow-buildsystems.patch
Patch1: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/431.patch#/libssh-fix-ipv6-hostname-regression.patch
# PATCH-FIX-UPSTREAM: ssh_kdf() returns a success code on certain failures (CVE-2025-5372, bsc#1245314)
Patch100: libssh-CVE-2025-5372.patch
# PATCH-FIX-UPSTREAM: Invalid return code for chacha20 poly1305 with OpenSSL backend (CVE-2025-5987, bsc#1245317)
Patch101: libssh-CVE-2025-5987.patch
# PATCH-FIX-UPSTREAM: Write beyond bounds in binary to base64 conversion functions (CVE-2025-4877, bsc#1245309)
Patch102: libssh-CVE-2025-4877.patch
# PATCH-FIX-UPSTREAM: Use of uninitialized variable in privatekey_from_file() (CVE-2025-4878, bsc#1245310)
Patch103: libssh-CVE-2025-4878-1.patch
Patch104: libssh-CVE-2025-4878-2.patch
# PATCH-FIX-UPSTREAM: Likely read beyond bounds in sftp server handle management (CVE-2025-5318, bsc#1245311)
Patch105: libssh-CVE-2025-5318.patch
# PATCH-FIX-UPSTREAM: Double free in functions exporting keys (CVE-2025-5351, bsc#1245312)
Patch106: libssh-CVE-2025-5351.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: krb5-devel
@@ -64,6 +77,7 @@ BuildRequires: uid_wrapper
%endif
%endif
%description
An SSH implementation in the form of a library. With libssh, you can remotely
execute programs, transfer files, use a secure and transparent tunnel for your