Buffer overflow vulnerability in libssh

A vulnerability (CVE-2021-3634) has been identified in the libssh library (not to be confused with libssh2), which adds client and server support for the SSHv2 protocol to C programs. It leads to a buffer overflow when a rekey is initiated using a key exchange that relies on a different hashing algorithm. The issue was fixed in release 0.9.6.

The essence of the problem is that the rekey operation allows the use of cryptographic hashes whose digest size differs from that of the algorithm used originally. Memory for the hash in libssh was allocated based on the original hash size, so using a hash of a larger size causes data to be written beyond the boundary of the allocated buffer. As a fallback mitigation, you can restrict the list of supported key exchange methods to algorithms that all have the same hash size. For example, to bind to SHA256, you can add to the code:

    rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");
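An added example, not part of the original article or of libssh: a check that a key exchange list meets the "same hash size" condition before it is passed to ssh_options_set. The function names kex_digest_len and kex_list_uniform_digest are hypothetical, and the digest sizes are inferred from the standard SSH method name suffixes, which is an assumption about naming rather than a libssh API.

```c
#include <stdio.h>
#include <string.h>

/* Digest length in bytes of the hash used by one KEX method name of length n,
 * judged by its standard name suffix; 0 if the name is not recognised. */
static size_t kex_digest_len(const char *name, size_t n)
{
    static const struct { const char *tag; size_t len; } map[] = {
        /* ECDH names carry the curve, which fixes the hash (RFC 5656). */
        { "nistp256", 32 }, { "nistp384", 48 }, { "nistp521", 64 },
        { "sha256", 32 }, { "sha384", 48 }, { "sha512", 64 }, { "sha1", 20 },
    };
    const char *at = memchr(name, '@', n);  /* ignore a "@vendor" suffix */
    if (at)
        n = (size_t)(at - name);
    for (size_t i = 0; i < sizeof map / sizeof map[0]; i++) {
        size_t t = strlen(map[i].tag);
        if (n >= t && memcmp(name + n - t, map[i].tag, t) == 0)
            return map[i].len;
    }
    return 0;
}

/* Common digest length of a comma-separated KEX list, or 0 if the list is
 * empty, contains an unrecognised method, or mixes digest sizes. */
size_t kex_list_uniform_digest(const char *list)
{
    size_t common = 0;
    while (*list) {
        size_t n = strcspn(list, ",");
        size_t len = kex_digest_len(list, n);
        if (len == 0 || (common != 0 && len != common))
            return 0;
        common = len;
        list += n + (list[n] == ',');
    }
    return common;
}

int main(void)
{
    /* First list is the one from the text; the second is constructed. */
    const char *lists[] = {
        "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256",
        "curve25519-sha256@libssh.org,diffie-hellman-group16-sha512",
    };
    for (size_t i = 0; i < 2; i++)
        printf("%zu  %s\n", kex_list_uniform_digest(lists[i]), lists[i]);
    return 0;
}
```

A return value of 0 means the list should be rejected, since it either mixes digest sizes or contains a method the check cannot classify.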

Source: opennet.ru
