1
23.7 Legacy Series / CVE-2023-48795
« on: December 27, 2023, 07:54:01 am »
hi.
i stumbled over
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
also see
https://nvd.nist.gov/vuln/detail/CVE-2023-48795
as far as i (try to) understand the attack needs to be MITM and can downgrade the secure channel(s) to unsecure/observable.
but i dont quite grasp how to interpret the relation to the "ssh client" CVE's (f.e. CVE-2023-46445).
researching further i find that my opnsense 23.7.10_1 uses openssh-portable 9.3.p2_2,1 - for which at least the repo for the 9.3 version (https://github.com/openssh/openssh-portable/tree/V_9_3) seems to be unchanged since july - but i obviously know nothing about the dev process of opensense so i cant see if "our" package is already patched against this kind of attacks.
can someone more knowledgeable step up and help me out here ?
tia,tja...
i stumbled over
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
also see
https://nvd.nist.gov/vuln/detail/CVE-2023-48795
as far as i (try to) understand the attack needs to be MITM and can downgrade the secure channel(s) to unsecure/observable.
but i dont quite grasp how to interpret the relation to the "ssh client" CVE's (f.e. CVE-2023-46445).
researching further i find that my opnsense 23.7.10_1 uses openssh-portable 9.3.p2_2,1 - for which at least the repo for the 9.3 version (https://github.com/openssh/openssh-portable/tree/V_9_3) seems to be unchanged since july - but i obviously know nothing about the dev process of opensense so i cant see if "our" package is already patched against this kind of attacks.
can someone more knowledgeable step up and help me out here ?
tia,tja...