[Bug 3771] New: Will future versions of openssh provide DDoS attack defense for the DH algorithm?:CVE-2024-41996

Thu Jan 2 13:35:49 AEDT 2025

https://bugzilla.mindrot.org/show_bug.cgi?id=3771

            Bug ID: 3771
           Summary: Will future versions of openssh provide DDoS attack
                    defense for the DH algorithm?:CVE-2024-41996
           Product: Portable OpenSSH
           Version: 9.9p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: bty at mail.ustc.edu.cn

CVE-2024-41996:
Validating the order of the public keys in the Diffie-Hellman Key
Agreement Protocol, when an approved safe prime is used, allows remote
attackers (from the client side) to trigger unnecessarily expensive
server-side DHE modular-exponentiation calculations. The client may
cause asymmetric resource consumption. The basic attack scenario is
that the client must claim that it can only communicate with DHE, and
the server must be configured to allow DHE and validate the order of
the public key.

Historically, there have also been some implementation flaws can
seriously affect the effectiveness of the D(HE)at attack, such as
CVE-2002-20001,CVE-2022-40735.

What will openssh do to avoid dheater?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.