GitHub_MCVELIST:CVE-2023-28113CVE-2023-28113 russh may use insecure Diffie-Hellman keys
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
53.4%
russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those of a russh peer with some other misbehaving peer are most likely to be problematic. These may vulnerable to eavesdropping. Most other implementations reject such keys, so this is mainly an interoperability issue in such a case. This issue is fixed in versions 0.36.2 and 0.37.1
CNA Affected
[
{
"vendor": "warp-tech",
"product": "russh",
"versions": [
{
"version": "0.34.0",
"status": "affected",
"lessThan": "0.34.0*",
"versionType": "custom"
},
{
"version": "0.36.2",
"status": "affected",
"lessThan": "0.36.2",
"versionType": "custom"
},
{
"version": "0.37.0",
"status": "affected",
"lessThan": "0.37.0*",
"versionType": "custom"
},
{
"version": "0.37.1",
"status": "affected",
"lessThan": "0.37.1",
"versionType": "custom"
}
]
}
]References
github.com/warp-tech/russh/blob/master/russh/src/kex/dh/groups.rs#L72-L76
github.com/warp-tech/russh/blob/master/russh/src/kex/dh/groups.rs#L78-L81
github.com/warp-tech/russh/commit/d831a3716d3719dc76f091fcea9d94bd4ef97c6e
github.com/warp-tech/russh/releases/tag/v0.36.2
github.com/warp-tech/russh/releases/tag/v0.37.1
github.com/warp-tech/russh/security/advisories/GHSA-cqvm-j2r2-hwpg
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
53.4%