SUSE-SU-2025:0605-1

Опубликовано: 20 фев. 2025

Источник: suse-cvrf

Описание

Security update for openssh

This update for openssh fixes the following issues:

CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040).

Список пакетов

Container suse/manager/4.3/proxy-ssh:latest

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Container suse/sle-micro-rancher/5.2:latest

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Container suse/sle-micro-rancher/5.3:latest

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Container suse/sle-micro-rancher/5.4:latest

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Container suse/sle-micro/5.5:latest

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Hardened-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Hardened-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-3

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-3-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-3-BYOS-EC2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-3-EC2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-4

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-4-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-4-BYOS-EC2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-Micro-5-4-EC2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-SAP-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-SAP-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-SAP-Hardened-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Azure-3P

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Hardened-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Server-5-0

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Server-5-0-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Micro-5-5-BYOS

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-Micro-5-5-BYOS-Azure

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-SAP-Azure-3P

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Image SLES15-SP5-SAP-BYOS-GCE

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Enterprise Storage 7.1

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Micro 5.1

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Micro 5.2

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Micro 5.3

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Micro 5.4

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Micro 5.5

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server 15 SP3-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server 15 SP4-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server 15 SP5-LTSS

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Linux Enterprise Server for SAP Applications 15 SP5

openssh-8.4p1-150300.3.42.1

openssh-askpass-gnome-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Manager Proxy 4.3

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

SUSE Manager Server 4.3

openssh-8.4p1-150300.3.42.1

openssh-clients-8.4p1-150300.3.42.1

openssh-common-8.4p1-150300.3.42.1

openssh-fips-8.4p1-150300.3.42.1

openssh-helpers-8.4p1-150300.3.42.1

openssh-server-8.4p1-150300.3.42.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20250605-1/
Link for SUSE-SU-2025:0605-1
https://lists.suse.com/pipermail/sle-security-updates/2025-February/020381.html
E-Mail link for SUSE-SU-2025:0605-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1237040
SUSE Bug 1237040
https://www.suse.com/security/cve/CVE-2025-26465/
SUSE CVE CVE-2025-26465 page

Описание

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Затронутые продукты

Container suse/manager/4.3/proxy-ssh:latest:openssh-8.4p1-150300.3.42.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-clients-8.4p1-150300.3.42.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-common-8.4p1-150300.3.42.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-fips-8.4p1-150300.3.42.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-26465.html
CVE-2025-26465
https://bugzilla.suse.com/1237040
SUSE Bug 1237040
https://bugzilla.suse.com/1237041
SUSE Bug 1237041

SUSE-SU-2025:0605-1

Описание

Список пакетов

Container suse/manager/4.3/proxy-ssh:latest

Container suse/sle-micro-rancher/5.2:latest

Container suse/sle-micro-rancher/5.3:latest

Container suse/sle-micro-rancher/5.4:latest

Container suse/sle-micro/5.5:latest

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP4-BYOS

Image SLES15-SP4-BYOS-GCE

Image SLES15-SP4-Hardened-BYOS

Image SLES15-SP4-Hardened-BYOS-GCE

Image SLES15-SP4-Micro-5-3

Image SLES15-SP4-Micro-5-3-BYOS

Image SLES15-SP4-Micro-5-3-BYOS-EC2

Image SLES15-SP4-Micro-5-3-EC2

Image SLES15-SP4-Micro-5-4

Image SLES15-SP4-Micro-5-4-BYOS

Image SLES15-SP4-Micro-5-4-BYOS-EC2

Image SLES15-SP4-Micro-5-4-EC2

Image SLES15-SP4-SAP-BYOS

Image SLES15-SP4-SAP-BYOS-GCE

Image SLES15-SP4-SAP-Hardened-BYOS

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

Image SLES15-SP5-Azure-3P

Image SLES15-SP5-BYOS-GCE

Image SLES15-SP5-GCE

Image SLES15-SP5-Hardened-BYOS-GCE

Image SLES15-SP5-Manager-Proxy-5-0-BYOS

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure

Image SLES15-SP5-Manager-Server-5-0

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

Image SLES15-SP5-Manager-Server-5-0-BYOS

Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure

Image SLES15-SP5-Micro-5-5-BYOS

Image SLES15-SP5-Micro-5-5-BYOS-Azure

Image SLES15-SP5-SAP-Azure-3P

Image SLES15-SP5-SAP-BYOS-GCE

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Linux Enterprise Server for SAP Applications 15 SP5

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

Ссылки

Уязвимость: CVE-2025-26465

Описание

Затронутые продукты

Ссылки