[Bug 1005480] New: OpenSSH: Memory exhaustion issue found in OpenSSH
http://bugzilla.suse.com/show_bug.cgi?id=1005480

Bug ID: 1005480
Summary: OpenSSH: Memory exhaustion issue found in OpenSSH
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.1
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@suse.de
Reporter: mikhail.kasimov@gmail.com
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

Reference: http://seclists.org/oss-sec/2016/q4/185

===================================================
Hi,

OpenSSH has a memory exhaustion bug in the key exchange process. An unauthenticated peer could repeat the KEXINIT and cause allocation of up to 384MB (not 128MB that the official said). In the default case, an attacker can build 100 such connections, which will consume 38400 MB of memory on the server.

The patch is here:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup

--
Regards,
Shi Lei / Gear Team, Qihoo 360 Inc.
GPG Key ID 37048936 / 5C4C 85C6 068C A5A0 23FA 0294 D9CE 9C25 3704 8936
===================================================

--
You are receiving this mail because:
You are on the CC list for the bug.