There are two vulnerabilities in the OpenSSH implementation of the secure shell protocol, one of which attackers could exploit to steal users’ private cryptographic keys, researchers said.
“The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming). The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys,” OpenSSH officials said in an advisory.
“It is an Information Disclosure bug, so on the CVSS scale, it probably it does not rank as critical. However, the information disclosed are SSH keys, which are widely used for automation of system administration tasks and interactive logins,” said Qualys CTO Wolfgang Kandek, whose researchers discovered the issues.
“Gaining access to these keys would allow an attacker to pose as owner of the keys, often then with system administration privileges,” he said in a published report. “System administrators can typically install anything they want on the target system including backdoors and malware. The criticality being formally low is similar to Heartbleed, which also has a low CVSS score, but is a very serious vulnerability due to information that can be leaked.”
More details about this and the buffer overflow bug discovered by Qualys and disclosed to the OpenSSH team are in this advisory, which includes PoC code.
“This information leak may have already been exploited in the wild by sophisticated attackers, and high-profile sites or users may need to regenerate their SSH keys accordingly,” the company also pointed out.
They advise users to upgrade their OpenSSH implementation as soon as possible.
“If you cannot patch immediately, set Use Roaming to Off. This should be easy for personal systems, but probably needs testing in automated scenarios to ensure that no unwanted side effects occur – these are unexpected, but it makes sense to test that everything still works as normal,” the advisory said. “If you can regenerate your SSH keys, address where somebody exploited the vulnerability already and your keys have been leaked.”