CVE-2023-2283

Summary

CVE	CVE-2023-2283
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-05-26 18:15:00 UTC
Updated	2024-02-01 17:15:00 UTC
Description	A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Fedoraproject	Fedora	37	All	All	All
Application	Libssh	Libssh	All	All	All	All
Application	Libssh	Libssh	All	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All

References

Reference	Source	Link	Tags
January 2024 MySQL Cluster Vulnerabilities in NetApp Products \| NetApp Product Security		security.netapp.com
[SECURITY] Fedora 37 Update: libssh-0.10.5-1.fc37 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
2189736 – (CVE-2023-2283) CVE-2023-2283 libssh: authorization bypass in pki_verify_data_signature	MISC	bugzilla.redhat.com
libssh 0.9.6 / 0.10.4 pki_verify_data_signature Authorization Bypass ≈ Packet Storm	MISC	packetstormsecurity.com
cve-details	MISC	access.redhat.com
www.libssh.org/security/advisories/CVE-2023-2283.txt	MISC	www.libssh.org
libssh: Multiple Vulnerabilities (GLSA 202312-05) — Gentoo security		security.gentoo.org
[SECURITY] Fedora 37 Update: libssh-0.10.5-1.fc37 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160756 Oracle Enterprise Linux Security Update for libssh (ELSA-2023-3839)
161111 Oracle Enterprise Linux Security Update for libssh (ELSA-2023-6643)
181800 Debian Security Update for libssh (DSA 5409-1)
182163 Debian Security Update for libssh (CVE-2023-2283)
199393 Ubuntu Security Notification for libssh Vulnerabilities (USN-6138-1)
241759 Red Hat Update for libssh (RHSA-2023:3839)
242284 Red Hat Update for libssh (RHSA-2023:6643)
242766 Red Hat Update for libssh (RHSA-2024:0538)
284002 Fedora Security Update for libssh (FEDORA-2023-5fa5ca2043)
284140 Fedora Security Update for libssh (FEDORA-2023-741d5f1fd3)
355399 Amazon Linux Security Advisory for libssh : ALAS2023-2023-186
378712 Alibaba Cloud Linux Security Update for libssh (ALINUX3-SA-2023:0077)
379412 F5 BIG-IP Advanced Firewall Manager (AFM) libssh Multiple Vulnerabilities (K000138682)
673239 EulerOS Security Update for libssh (EulerOS-SA-2023-2358)
673258 EulerOS Security Update for libssh (EulerOS-SA-2023-2384)
673285 EulerOS Security Update for libssh (EulerOS-SA-2023-2586)
673294 EulerOS Security Update for libssh (EulerOS-SA-2023-2616)
673826 EulerOS Security Update for libssh (EulerOS-SA-2023-2693)
673847 EulerOS Security Update for libssh (EulerOS-SA-2023-2651)
710806 Gentoo Linux libssh Multiple Vulnerabilities (GLSA 202312-05)
755806 SUSE Enterprise Linux Security Update for libssh (SUSE-SU-2024:0539-1)
941161 AlmaLinux Security Update for libssh (ALSA-2023:3839)
941363 AlmaLinux Security Update for libssh (ALSA-2023:6643)
960954 Rocky Linux Security Update for libssh (RLSA-2023:3839)