Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
CVE-2023-48795
« previous
next »
Print
Pages: [
1
]
Author
Topic: CVE-2023-48795 (Read 1354 times)
tja
Newbie
Posts: 24
Karma: 0
CVE-2023-48795
«
on:
December 27, 2023, 07:54:01 am »
hi.
i stumbled over
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
also see
https://nvd.nist.gov/vuln/detail/CVE-2023-48795
as far as i (try to) understand the attack needs to be MITM and can downgrade the secure channel(s) to unsecure/observable.
but i dont quite grasp how to interpret the relation to the "ssh client" CVE's (f.e. CVE-2023-46445).
researching further i find that my opnsense 23.7.10_1 uses openssh-portable 9.3.p2_2,1 - for which at least the repo for the 9.3 version (
https://github.com/openssh/openssh-portable/tree/V_9_3
) seems to be unchanged since july - but i obviously know nothing about the dev process of opensense so i cant see if "our" package is already patched against this kind of attacks.
can someone more knowledgeable step up and help me out here ?
tia,tja...
Logged
Stormscape
Newbie
Posts: 12
Karma: 3
Re: CVE-2023-48795
«
Reply #1 on:
December 27, 2023, 09:28:46 am »
As a temporary measure, if you're really that worried about security, simply remove ChaCha20-Poly1305 from the list of allowed ciphers in System -> Settings -> Administration, by changing the Ciphers list to be the CTR and GCM ciphers only, specifically these ones:
aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com
Since it's the end of the year right now, it might not be until the new year that updates get issued for FreeBSD, that workaround was advised by Fabian Bäumer, one of the authors of the paper on that attack, so I'd go with that for now.
Logged
doktornotor
Hero Member
Posts: 709
Karma: 70
Re: CVE-2023-48795
«
Reply #2 on:
December 27, 2023, 10:26:15 am »
https://forum.opnsense.org/index.php?topic=37718.msg185075#msg185075
Logged
tja
Newbie
Posts: 24
Karma: 0
Re: CVE-2023-48795
«
Reply #3 on:
December 27, 2023, 10:43:57 am »
thx very much
Logged
franco
Administrator
Hero Member
Posts: 17659
Karma: 1611
Re: CVE-2023-48795
«
Reply #4 on:
December 27, 2023, 12:07:20 pm »
Posted a test package in the other thread.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
CVE-2023-48795