OpenSSH 9.6 Eliminates Vulnerabilities

OpenSSH has released version 9.6 of its client and server for working on SSH 2.0 and SFTP protocols. This release addresses three security vulnerabilities.

The first vulnerability, CVE-2023-48795, is an SSH protocol vulnerability that allows for MITM attacks. These attacks can roll back the connection to use less protected authentication algorithms and disconnect protection against attacks by third-party channels. The attack method is detailed in a separate news release (source).

The second vulnerability is in the SSH utility, which allows for the substitution of arbitrary shell commands through manipulation of login and host values containing special characters. This vulnerability can be exploited if the attacker controls these values and is transmitted to SSH through Proxycommand and Localcommand directives or “Match Exec” blocks. This vulnerability is also present in libssh (source).

The third vulnerability is an error in SSH-agent when adding closed keys PKCS#11, where restrictions were only applied to the first key returned to PKCS#11. This issue does not affect ordinary closed keys, FIDO tokens, and keys set without restrictions (source).

Other changes in OpenSSH version 9.6 include:

  • Added “%j” support in SSH, which discloses the name of the host indicated through the ProxyJump directive.
  • Added ChannelTimeout support on the client side, allowing inactive channels to be terminated.
  • Added support for reading ED25519 closed keys in the PEM PKCS8 format in SSH, SSHD, SSH-KEYGEN (previously only supported OpenSSH format).
  • Added protocol extension for re-coordinating digital signature algorithms for authentication with public keys. This allows the use of different algorithms based on user binding instructions in Match User blocks.
  • Added protocol extension to set certificates when loading PKCS#11 keys in SSH-DDD and SSH-Agent, expanding functionality to all OpenSSH utilities.
  • Improved detection of unsupported or unstable compiler flags, such as “-fzero-Call-Call-Segs” in Clang.
  • For versions of OpenSolaris that support the Getpflags() interface, the Priv_xpolicy mode is now used to

/Reports, release notes, official announcements.