OpenShift Bugs / OCPBUGS-35541

CVE-2023-48795: ose-powervs-block-csi-driver-container: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [openshift-4.13.z]

    • Release Note Not Required
    • In Progress

      Security Tracking Issue

      Do not make this issue public.

      Impact: Moderate
      Reported Date: 12-Dec-2023
      Resolve Bug By: 11-Mar-2024

      In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX (in Bugzilla) or Closed:Won't Do (in Jira) if you decide not to fix this bug.

      Please review this tracker and its impact on your product or service as soon as possible. The trackers are filed WITHOUT in-depth analysis as the vulnerability has a Low or Moderate severity impact on this product or service. For more details, please refer to the following Confluence page: https://docs.engineering.redhat.com/x/3e_3EQ

      Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9kKpDw

      Flaw:


      CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
      https://bugzilla.redhat.com/show_bug.cgi?id=2254210

      Prefix truncation attack on BPP: By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. The vulnerable cipher modes are ChaCha20-Poly1305 (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (-etm@openssh.com MAC algorithms).


      This security tracking issue was filed based on manifesting data available to Product Security in https://deptopia.prodsec.redhat.com/ui/home. This data indicates that the component noted in the "pscomponent" label was found to be affected by this vulnerability. If you believe this issue is not actionable and was created erroneously, please fill out the following form and close this issue as Closed with a resolution of Obsolete. This will prompt Product Security to review what type of error caused this Jira issue to be created, and prevent further mistakes of this type in the future.

      https://forms.gle/LnXaf5aCAHaV6g8T8

      To better understand the distinction between a component being Affected vs Not Affected, please read the following article:
      https://docs.engineering.redhat.com/pages/viewpage.action?spaceKey=PRODSEC&title=Understanding+Affected+and+Not+Affected
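
      As an added example (not part of the original tracker and not Red Hat's tooling), the check below audits an effective SSH configuration dump for the two algorithm families the flaw description names as vulnerable. It assumes input in the `sshd -T` style (one `ciphers` line and one `macs` line with fully resolved, comma-separated lists); the sample configuration and the function names are constructed for illustration.

```python
# Added example: flag the cipher modes named in the CVE-2023-48795 flaw text
# in an `sshd -T`-style effective configuration dump.
AFFECTED_CIPHER = "chacha20-poly1305@openssh.com"  # named on the page
ETM_SUFFIX = "-etm@openssh.com"                    # Encrypt-then-MAC MACs, named on the page

# Constructed sample input (not taken from any real host).
SAMPLE_CONFIG = """\
port 22
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com
macs hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256
kexalgorithms curve25519-sha256
"""

def is_affected(directive, algorithm):
    """True if the algorithm belongs to a family the flaw description lists."""
    if directive == "ciphers":
        return algorithm == AFFECTED_CIPHER
    if directive == "macs":
        return algorithm.endswith(ETM_SUFFIX)
    return False

def audit(config_text):
    """Return {directive: {"affected": [...], "remaining": [...]}}."""
    report = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        parts = line.split(None, 1)
        directive = parts[0].lower()         # keywords are case-insensitive
        if directive not in ("ciphers", "macs") or len(parts) < 2:
            continue
        entry = report.setdefault(directive, {"affected": [], "remaining": []})
        for algo in (a.strip() for a in parts[1].split(",")):
            if algo:
                key = "affected" if is_affected(directive, algo) else "remaining"
                entry[key].append(algo)
    return report

if __name__ == "__main__":
    for directive, result in audit(SAMPLE_CONFIG).items():
        print(directive, "affected: ", ", ".join(result["affected"]) or "none")
        print(directive, "remaining:", ", ".join(result["remaining"]) or "none")
```

      A hit means the algorithm is offered, not that a given connection is exploitable; use the result to decide which component configurations need review against this tracker.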

              kviswana Kishen V
              kviswana Kishen V
              Julie Mathew Julie Mathew