DescriptionThe mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
NVD CVSS v2 Base Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Note from the SUSE Security TeamOur openssl version currently in SUSE Linux Enterprise Server 11 does not support AES-GCM, so openssh is built without this support. So SUSE Linux Enterprise Server 11 and older are not affected by this security issue. OpenSUSE 13.1 is affected by this problem. openSUSE 12.3 and older versions use older openssh versions without support for this cipher, and so are not affected. Novell Bugzilla entry: 849536 SUSE Security Advisories:
- openSUSE-SU-2013:1726-1, published Mon, 18 Nov 2013 13:05:57 +0100 (CET)