CVE-2023-2283
First published: Wed Apr 26 2023(Updated: )
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/libssh | <0:0.9.6-10.el8_8 | 0:0.9.6-10.el8_8 |
| Libssh Libssh | >=0.9.1<=0.9.6 | |
| Libssh Libssh | >=0.10.0<=0.10.4 | |
| Fedoraproject Fedora | =37 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2023-2283
- https://www.libssh.org/security/advisories/CVE-2023-2283.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=2189736
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/
- https://www.cve.org/CVERecord?id=CVE-2023-2283 https://nvd.nist.gov/vuln/detail/CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt
- https://access.redhat.com/errata/RHSA-2023:3839
- https://access.redhat.com/security/cve/cve-2023-2283
- http://packetstormsecurity.com/files/172861/libssh-0.9.6-0.10.4-pki_verify_data_signature-Authorization-Bypass.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/
- https://security.gentoo.org/glsa/202312-05
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2196100
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2196102
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2196101
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2196103
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2196104
- https://access.redhat.com/errata/RHSA-2023:6643
- https://access.redhat.com/errata/RHSA-2024:0538
- https://security.netapp.com/advisory/ntap-20240201-0005/
Frequently Asked Questions
What is CVE-2023-2283?
CVE-2023-2283 is a vulnerability found in libssh that allows the authentication check of the connecting client to be bypassed.
What is the severity of CVE-2023-2283?
The severity of CVE-2023-2283 is medium with a CVSS score of 6.5.
How does CVE-2023-2283 affect Libssh?
CVE-2023-2283 affects Libssh versions 0.9.1 to 0.9.6 and versions 0.10.0 to 0.10.4.
How can I fix CVE-2023-2283?
To fix CVE-2023-2283, update to libssh version 0.9.6-10.el8_8 or apply the necessary patches from the official sources.
Where can I find more information about CVE-2023-2283?
You can find more information about CVE-2023-2283 on the official Red Hat and libssh websites.
- collector/nvd-latest
- collector/redhat-cve
- collector/nvd-index
- agent/author
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/severity
- agent/weakness
- agent/description
- agent/references
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-2283
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- package-manager/redhat
- vendor/libssh
- canonical/libssh libssh
- version/libssh libssh/0.9.1
- version/libssh libssh/0.9.6
- version/libssh libssh/0.10.0
- version/libssh libssh/0.10.4
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0