FreeBSD Security Advisory FreeBSD-SA-25:05.openssh
21 February, 2025 by security-advisories@freebsd.org | freebsd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-25:05.openssh Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in OpenSSH
Category: contrib
Module: openssh
Announced: 2025-02-21
Credits: Qualys Security Advisory team
Affects: All supported versions of FreeBSD.
Corrected: 2025-02-19 14:54:37 UTC (stable/14, 14.2-STABLE)
2025-02-21 02:56:26 UTC (releng/14.2, 14.2-RELEASE-p2)
2025-02-21 02:56:40 UTC (releng/14.1, 14.1-RELEASE-p8)
2025-02-19 16:05:16 UTC (stable/13, 13.5-STABLE)
2025-02-20 18:00:47 UTC (releng/13.5, 13.5-BETA3)
2025-02-21 02:56:50 UTC (releng/13.4, 13.4-RELEASE-p4)
CVE Name: CVE-2025-26465, CVE-2025-26466
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted and authenticated transport for a variety of services, including
remote shell access.
II. Problem Description
* OpenSSH client host verification error (CVE-2025-26465)
ssh(1) contains a logic error that allows an on-path attacker to impersonate
any server during certain conditions when the VerifyHostKeyDNS option is
enabled.
* OpenSSH server denial of service (CVE-2025-26466)
The OpenSSH client and server are both vulnerable to a memory/CPU denial of
service while handling SSH2_MSG_PING packets.
III. Impact
* OpenSSH client host verification error (CVE-2025-26465)
Under specific circumstances, a machine-in-the-middle may impersonate any
server when the client has the VerifyHostKeyDNS option enabled.
* OpenSSH server denial of service (CVE-2025-26466)
During the processing of SSH2_MSG_PING packets, a server may be subject to a
memory/CPU denial of service.
IV. Workaround
* OpenSSH client host verification error (CVE-2025-26465)
Disable the VerifyHostKeyDNS configuration directive in the ssh(1)
configuration and rely on trust-on-first-use host keys or SSH certificate based
host keys. See ssh_config(5).
* OpenSSH server denial of service (CVE-2025-26466)
No workaround is available, but this condition may be mitigated in the server
by using the LoginGraceTime and MaxStartups server configuration directives.
See sshd_config(5).
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date and
restart sshd(8).
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8)
utility:
# freebsd-update fetch
# freebsd-update install
# ## freebsd-update will automatically restart sshd.
Note: The binary update provided by freebsd-update is slightly different than
the patch in the source tree. Specifically, the commented out VersionAddendum
in the ssh_config(5) and sshd_config(5) files and corresponding manpages is
not included to prevent an unnecessary interactive merge operation. Since
this was only to update a comment, it was deemed preferred to have this
slight divergence to improve the end-user experience. The underlying source
code is otherwise the same.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-25:05/openssh.patch
# fetch https://security.FreeBSD.org/patches/SA-25:05/openssh.patch.asc
# gpg --verify openssh.patch.asc
Note: The patch listed here is the patch used by the freebsd-update build and
is lacking the changes for the VersionAddendum comments in the configuration
files and manpages.
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart the applicable daemons, or reboot the system.
VI. Correction details
This issue is corrected as of the corresponding Git commit hash in the
following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/14/ 24ce323f020f stable/14-n270447
releng/14.2/ 4b8a2f716588 releng/14.2-n269517
releng/14.1/ fe49460873e0 releng/14.1-n267740
stable/13/ 2fc62d0bd4f7 stable/13-n259174
releng/13.5/ 78b4f775184c releng/13.5-n259148
releng/13.4/ 14c733f25493 releng/13.4-n258278
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
<URL:https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt>
<URL:https://www.openssh.com/releasenotes.html#9.9p2>
<URL:https://www.cve.org/CVERecord?id=CVE-2025-26465>
<URL:https://www.cve.org/CVERecord?id=CVE-2025-26466>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-25:05.openssh.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAme37REACgkQbljekB8A
Gu/++hAAuhFt0VHitGW+zyAv6m6AXTT/l9O+77jqacIGtut1MkXUfqkdDrXLUo+Y
2OT2zXyGqygiHFB5n0+Ww4wFBUxWIFXFlIArTNp1CuYvwbxTJEi9A4X7X9TfseB0
F96RN2RA2cIjbDfADr/mcnyBLzA1JMSC35VKOFM3k3Qv4X+vmk6B6n32I7iRA2UO
EUW4wO1N9y2u2rFujadevukK1nfktb7GStC7lVoesPAteCj4hzU8tp316NgAhqT1
p046lqqgeDfyMC+YxSJDhoelEnT+5kUSFX7f193wJpUTPkdN1z+8fpmQdQXndvlR
skzjgICdy2ApkSadCDnNAWQYAhRwo7xPX3SwbLx6RRA8LpVWJb6pj8ThLxsVBSEE
UiUqkWjFRiHaE+CiZpZptAfEbCcLCwpxqgtrZRkZcu5KuzI0I/wCvYWpRuSqBE2/
QBGP7+bLCRKtHCb8LsYoOpmZO9fkbEIKURA4ym+WQWubxjG2d7L5rzNggKe/KoUj
F9SK6c3220dGGEaqTbjPt9D9NkC9H4XH32HsRwFkjxg6//PrASsVc9n+E14baNGk
3Xfqk1uBiJSTwMk1a6r1pRR1O3YOO6g4CYkptJdW94ju2R6ni8yFe+Zbx5KZIYvu
Cn5JCAb0u5xCr4brDqk7EvvAh245w+CiO5BaM5HmoWDncGxD5oU=wbm/
-----END PGP SIGNATURE-----