https://bugzilla.mindrot.org/show_bug.cgi?id=3771
Bug ID: 3771
Summary: Will future versions of openssh provide DDoS attack
defense for the DH algorithm?:CVE-2024-41996
Product: Portable OpenSSH
Version: 9.9p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-b...@mindrot.org
Reporter: b...@mail.ustc.edu.cn
CVE-2024-41996:
Validating the order of the public keys in the Diffie-Hellman Key
Agreement Protocol, when an approved safe prime is used, allows remote
attackers (from the client side) to trigger unnecessarily expensive
server-side DHE modular-exponentiation calculations. The client may
cause asymmetric resource consumption. The basic attack scenario is
that the client must claim that it can only communicate with DHE, and
the server must be configured to allow DHE and validate the order of
the public key.
Historically, there have also been some implementation flaws can
seriously affect the effectiveness of the D(HE)at attack, such as
CVE-2002-20001,CVE-2022-40735.
What will openssh do to avoid dheater?
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
