{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/russh/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["russh"],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","russh","keyboard-interactive"],"_cs_type":"advisory","_cs_vendors":["rust"],"content_html":"\u003cp\u003eA pre-authentication denial-of-service vulnerability exists in the russh crate, specifically affecting servers that implement keyboard-interactive authentication. This vulnerability allows a malicious client to crash a russh-based server by sending a malformed packet, without needing any valid credentials. The vulnerability resides in the \u003ccode\u003eread_userauth_info_response\u003c/code\u003e function within \u003ccode\u003erussh/src/server/encrypted.rs\u003c/code\u003e, where an unbounded \u003ccode\u003eu32\u003c/code\u003e count from the client\u0026rsquo;s \u003ccode\u003eSSH_MSG_USERAUTH_INFO_RESPONSE\u003c/code\u003e message is used directly to allocate memory via \u003ccode\u003eVec::with_capacity()\u003c/code\u003e. An attacker can exploit this by sending a large value for \u0026lsquo;n\u0026rsquo; (e.g., 0x10000000), leading to a massive memory allocation attempt and subsequent out-of-memory crash. This affects servers using keyboard-interactive for multi-step authentication such as TOTP or 2FA. 
The vulnerability exists in russh versions prior to 0.60.1.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker establishes a TCP connection to the russh server.\u003c/li\u003e\n\u003cli\u003eThe attacker performs the initial SSH key exchange (anonymous DH handshake).\u003c/li\u003e\n\u003cli\u003eThe attacker sends a \u003ccode\u003eUSERAUTH_REQUEST\u003c/code\u003e message with the authentication method set to \u003ccode\u003ekeyboard-interactive\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe server responds with \u003ccode\u003eAuth::Partial\u003c/code\u003e, indicating that keyboard-interactive authentication is in progress and prompts are required.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a \u003ccode\u003eUSERAUTH_INFO_RESPONSE\u003c/code\u003e message with a crafted \u003ccode\u003eu32\u003c/code\u003e value for \u0026lsquo;n\u0026rsquo; set to a large number, such as 0x10000000 (268435456), indicating the number of responses.\u003c/li\u003e\n\u003cli\u003eThe attacker intentionally does not include any response data in the \u003ccode\u003eUSERAUTH_INFO_RESPONSE\u003c/code\u003e message, to maximize the memory allocation attempt.\u003c/li\u003e\n\u003cli\u003eThe server attempts to allocate memory using \u003ccode\u003eVec::with_capacity(n)\u003c/code\u003e, where n is the attacker-controlled large value, triggering excessive memory allocation.\u003c/li\u003e\n\u003cli\u003eThe server exhausts available memory, leading to an out-of-memory (OOM) condition, and the server process crashes, causing a denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eA successful attack results in a denial of service, crashing the russh server and affecting all active SSH sessions. Because the attack occurs before authentication, it can be executed repeatedly and quickly, preventing legitimate users from accessing the server. 
This can disrupt services relying on the SSH server, leading to downtime and potential data loss. An end-to-end Proof of Concept demonstrates that a russh server within a container with a 512MB memory limit can be OOM-killed by this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to russh version 0.60.1 or later to incorporate the fix that limits the \u003ccode\u003eVec::with_capacity\u003c/code\u003e allocation based on the remaining packet data.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for SSH \u003ccode\u003eUSERAUTH_INFO_RESPONSE\u003c/code\u003e messages with unusually large response counts using the provided Sigma rule \u0026ldquo;Detect Excessive SSH Keyboard-Interactive Responses\u0026rdquo;.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting or connection limits to mitigate the impact of rapid connection attempts from malicious clients.\u003c/li\u003e\n\u003cli\u003eReview and audit implementations of \u003ccode\u003eHandler::auth_keyboard_interactive\u003c/code\u003e to ensure proper input validation and resource management, especially where \u003ccode\u003eAuth::Partial\u003c/code\u003e is returned.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-07-03T12:00:00Z","date_published":"2024-07-03T12:00:00Z","id":"/briefs/2024-07-03-russh-dos/","summary":"A denial-of-service vulnerability exists in the russh crate, where a malicious client can crash any russh-based server implementing keyboard-interactive authentication by sending a crafted SSH_MSG_USERAUTH_INFO_RESPONSE message with a large response count, leading to excessive memory allocation and an out-of-memory crash without requiring any credentials.","title":"russh Keyboard-Interactive Authentication Denial-of-Service","url":"https://feed.craftedsignal.io/briefs/2024-07-03-russh-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Russh","version":"https://jsonfeed.org/version/1.1"}