x/crypto/ssh: implement strict KEX protocol changes #64784
Labels
Milestone
Comments
|
Change https://go.dev/cl/550715 mentions this issue: |
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.14.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.14.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 14, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.14.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 21, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 24, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 24, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.14.0 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen
added a commit
to jluhrsen/egress-router-cni
that referenced
this issue
Jun 24, 2024
as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 => golang.org/x/crypto v0.17.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) ❯ git br * (HEAD detached at v0.17.0) master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A MITM attacker can arbitrarily delete messages from a connection before the secure channel is established, as sequence numbers are only validated once the channel is established and arbitrary messages are allowed during the handshake, allowing them to manipulate the sequence numbers. Depending on the cipher being used, once the secure channel is established, the attacker can then use the manipulated sequence numbers to delete messages sent immediately after the channel is established.
These issues were fixed in OpenSSH 9.6, and documented in section 1.9 of the PROTOCOL file.
This is CVE-2023-48795.
The text was updated successfully, but these errors were encountered: