Users of OpenSSH are advised to immediately update their software following the discovery of a critical vulnerability that could permit attackers to steal private encryption keys. OpenSSH is a widely used implementation of Secure Shell (SSH), a protocol that allows for encrypted communications over unsecured networks. It features in a number of operating systems, including Linux-based systems such as Ubuntu, and Mac OS X.
The software’s creators have released a new version, OpenSSH 7.1p2, which patches the vulnerability. Many developers who use OpenSSH in their products have begun rolling out updates which contain the latest patched version of OpenSSH.
The vulnerability (CVE-2016-0777) affects OpenSSH versions 5.4 to 7.1, which contain what the OpenSSH project termed “experimental support” for a roaming feature that allowed for the resumption of broken SSH connections. OpenSSH said that while the matching server code had never been shipped, the client code was enabled by default. The vulnerability means that a malicious server could trick OpenSSH into leaking client memory, including encryption keys.
It should be noted that a successful exploit requires the attacker to trick the target computer into connecting to a malicious server, which limits the scope for exploitation. “The authentication of the server host key prevents exploitation by a man-in-the-middle, so this information leak is restricted to connections to malicious or compromised servers,” the OpenSSH statement said.
Affected software

The following software packages are currently known to be affected by this vulnerability and have been patched:
Mitigation

Given the critical nature of this vulnerability, users of affected software packages are advised to apply updates as soon as they become available.
OpenSSH users awaiting a patch can also opt to completely disable the affected roaming feature in the SSH client in the following ways:
Mac OS X users can disable the roaming feature by running the following command:
The OpenSSH security advisory also provides instructions on how to disable the roaming feature in the source code.
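One way to audit a client for this exposure, as an added example that is not code from this article or from the OpenSSH project. It assumes the client option is named `UseRoaming` (the name is taken from the OpenSSH 7.1p2 release notes, not from this page); the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: CVE-2016-0777 exposure check for an OpenSSH client.

# version_affected "OpenSSH_6.9p1, ..." -> 0 affected, 1 not affected, 2 unparsable.
# Range is the one stated in the article: 5.4 to 7.1, fixed in 7.1p2.
# Vendor builds may carry a backported fix under an older version string.
version_affected() {
    ver="${1#OpenSSH_}"; ver="${ver%%[ ,]*}"     # e.g. "6.9p1"
    major="${ver%%.*}"; rest="${ver#*.}"         # e.g. "6" and "9p1"
    minor="${rest%%[!0-9]*}"
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in '') return 2 ;; esac
    n=$((major * 100 + minor))
    if [ "$n" -lt 504 ] || [ "$n" -gt 701 ]; then return 1; fi
    if [ "$n" -eq 701 ]; then
        case "$rest" in 1|1p1) return 0 ;; *) return 1 ;; esac
    fi
    return 0
}

# roaming_disabled FILE -> 0 only if "UseRoaming no" (assumed option name) is set
# for every host (before any Host/Match line, or under "Host *") and no line
# anywhere in the file sets a different value.
roaming_disabled() {
    [ -r "$1" ] || return 1
    awk '
        BEGIN { global = 1 }
        { sub(/^[ \t]*#.*/, ""); gsub(/=/, " "); $0 = tolower($0) }
        $1 == "host"  { global = (NF == 2 && $2 == "*"); next }
        $1 == "match" { global = 0; next }
        $1 == "useroaming" && $2 != "no" { bad = 1 }
        $1 == "useroaming" && global     { found = 1 }
        END { exit !(found && !bad) }
    ' "$1"
}

# audit_client VERSION_STRING CONFIG_FILE -> prints one verdict word.
audit_client() {
    rc=0; version_affected "$1" || rc=$?
    if [ "$rc" -eq 1 ]; then echo "not-affected"
    elif [ "$rc" -eq 2 ]; then echo "unknown-version"
    elif roaming_disabled "$2"; then echo "affected-mitigated"
    else echo "affected-exposed"; fi
}

# Demo on a constructed config and version string (not from a real host).
demo_cfg=$(mktemp)
printf 'Host *\n    UseRoaming no\n' > "$demo_cfg"
audit_client "OpenSSH_6.9p1, OpenSSL 1.0.2d" "$demo_cfg"   # affected-mitigated
rm -f "$demo_cfg"
```

On a real client, pass `"$(ssh -V 2>&1)"` as the version string and the system-wide or per-user SSH client config file as the second argument. An "affected" verdict based on the version string alone should be checked against the vendor's advisory, since distributions often backport fixes without changing the upstream version number.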