During the SSHv2 handshake when libssh2 is to get a suitable value for 'group order' in the Diffle Hellman negotiation, it would pass in number of bytes to a function that expected number of bits. This would result in the library generating numbers using only an 8th the number of random bits than what were intended: 128 or 256 bits instead of 1023 or 2047
Using such drastically reduced amount of random bits for Diffie Hellman weakened the handshake security significantly.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2016-0787 to this issue.
sudo dnf upgrade --advisory=FEDORA-2016-7942ee2cc5Please login to add feedback.
| submitted | 3 years ago |
| in testing | 3 years ago |
| in stable | 3 years ago |
| modified | 3 years ago |
| 0 | 0 | #1306021 CVE-2016-0787 libssh2: bits/bytes confusion resulting in truncated Diffie-Hellman secret length |
| 0 | 0 | #1311214 CVE-2016-0787 libssh2: bits/bytes confusion resulting in truncated Diffie-Hellman secret length [fedora-all] |
pghmcfc
This update has been submitted for testing by pghmcfc.
This update has been pushed to testing.
pghmcfc edited this update.
No regressions detected
No regressions noted.
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by pghmcfc.
This update has been pushed to stable.