CVE-2023-27538
Description
CVE-2023-27538: libcurl before 8.0.0 fails to check SSH host and key options when reusing connections, enabling authentication bypass.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
In libcurl prior to version 8.0.0, the connection reuse logic omits two SSH-specific settings from the configuration comparison: the SSH_HOST_PUBLIC_KEY_MD5 and SSH_KNOWNHOSTS options. This flaw allows a previously established SSH session to be reused for a new transfer even when these named options have been changed, which should have prevented such reuse. The affected versions are all libcurl releases before 8.0.0. [1]
Exploitation
An attacker who can influence the transfer parameters (e.g., by providing a crafted URL or by controlling the application's configuration) can exploit this omission. The attacker does not need credentials for the SSH endpoint if the reused connection was authenticated with different credentials or to a different host. The exact steps involve: (1) establishing an initial SSH connection with a certain set of options, (2) initiating a second transfer where the SSH host key or known hosts file is modified, and (3) libcurl mistakenly reusing the first connection without verifying the new SSH options, thereby bypassing authentication. [1]
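The reuse comparison described above, modelled in C with and without the two SSH settings. This is an added example, not libcurl's source; the struct, the function names and the sample host, user, paths and fingerprint are constructed for illustration.

```c
/* Simplified model of a connection-reuse check (hypothetical names,
   not libcurl internals). */
#include <stdio.h>
#include <string.h>

struct xfer_cfg {
    const char *host, *user;
    const char *hostkey_md5;  /* models the SSH_HOST_PUBLIC_KEY_MD5 option */
    const char *knownhosts;   /* models the SSH_KNOWNHOSTS option */
};
typedef int (*match_fn)(const struct xfer_cfg *, const struct xfer_cfg *);

/* NULL-safe compare: two unset options match, set versus unset does not. */
static int same(const char *a, const char *b) {
    if (!a || !b) return a == b;
    return strcmp(a, b) == 0;
}

/* Flawed check: the two SSH settings are left out of the comparison. */
int can_reuse_flawed(const struct xfer_cfg *conn, const struct xfer_cfg *want) {
    return same(conn->host, want->host) && same(conn->user, want->user);
}

/* Corrected check: any change to either SSH setting forbids reuse. */
int can_reuse_fixed(const struct xfer_cfg *conn, const struct xfer_cfg *want) {
    return can_reuse_flawed(conn, want)
        && same(conn->hostkey_md5, want->hostkey_md5)
        && same(conn->knownhosts, want->knownhosts);
}

/* Index of a cached connection the matcher accepts, or -1 when a new
   connection (and therefore a new host key check) is required. */
int find_reusable(const struct xfer_cfg *cache, int n,
                  const struct xfer_cfg *want, match_fn ok) {
    for (int i = 0; i < n; i++)
        if (ok(&cache[i], want)) return i;
    return -1;
}

/* Constructed sample: CACHE[0] is the first transfer's connection; SECOND
   pins a host key fingerprint and points at a different known-hosts file. */
const struct xfer_cfg CACHE[] = {
    { "sftp.example.test", "deploy", NULL, "/home/app/.ssh/known_hosts" } };
const struct xfer_cfg SECOND = { "sftp.example.test", "deploy",
    "00112233445566778899aabbccddeeff", "/etc/app/pinned_known_hosts" };

int main(void) {
    printf("flawed: %d\n", find_reusable(CACHE, 1, &SECOND, can_reuse_flawed));
    printf("fixed:  %d\n", find_reusable(CACHE, 1, &SECOND, can_reuse_fixed));
    return 0;
}
```

With the flawed matcher the second transfer is handed the cached connection, so the pinned fingerprint and the new known-hosts file are never consulted; the corrected matcher forces a new connection.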
Impact
Successful exploitation leads to authentication bypass. The attacker can leverage an existing SSH session that may have been set up with different credentials or to a different server than intended. This could enable unauthorized access to the target SSH service, potentially leading to information disclosure, data manipulation, or lateral movement. The privilege level attained corresponds to the authenticated privileges of the reused session. [1]
Mitigation
A fix is available in libcurl version 8.0.0 and later. The Gentoo security advisory [1] recommends upgrading to net-misc/curl-8.3.0-r2 or later. No workaround is known. Users should update libcurl as soon as possible.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
osv-coords, 25 versions:
- pkg:rpm/almalinux/curl (no CPE), range: < 7.76.1-26.el9
- pkg:rpm/almalinux/curl-minimal (no CPE), range: < 7.76.1-26.el9
- pkg:rpm/almalinux/libcurl (no CPE), range: < 7.76.1-26.el9
- pkg:rpm/almalinux/libcurl-devel (no CPE), range: < 7.76.1-26.el9
- pkg:rpm/almalinux/libcurl-minimal (no CPE), range: < 7.76.1-26.el9
- pkg:rpm/opensuse/curl&distro=openSUSE%20Leap%2015.4 (no CPE), range: < 7.79.1-150400.5.18.1
- pkg:rpm/opensuse/curl&distro=openSUSE%20Leap%20Micro%205.3 (no CPE), range: < 7.79.1-150400.5.18.1
- pkg:rpm/opensuse/curl&distro=openSUSE%20Tumbleweed (no CPE), range: < 8.0.1-1.1
- pkg:rpm/suse/curl&distro=SUSE%20Enterprise%20Storage%206 (no CPE), range: < 7.60.0-150000.51.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS (no CPE), range: < 7.60.0-150000.51.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 (no CPE), range: < 7.66.0-150200.4.52.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 (no CPE), range: < 7.66.0-150200.4.52.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 (no CPE), range: < 7.79.1-150400.5.18.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 (no CPE), range: < 7.79.1-150400.5.18.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3 (no CPE), range: < 7.66.0-150200.4.52.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS (no CPE), range: < 7.60.0-4.56.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS (no CPE), range: < 7.60.0-4.56.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 7.60.0-11.60.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS (no CPE), range: < 7.60.0-150000.51.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 (no CPE), range: < 7.60.0-4.56.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 7.60.0-11.60.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 (no CPE), range: < 7.60.0-150000.51.1
- pkg:rpm/suse/curl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 7.60.0-11.60.1
- pkg:rpm/suse/curl&distro=SUSE%20OpenStack%20Cloud%209 (no CPE), range: < 7.60.0-4.56.1
- pkg:rpm/suse/curl&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 (no CPE), range: < 7.60.0-4.56.1
Patches
No patches discovered yet.
References
- security.gentoo.org/glsa/202310-12 (mitre, vendor-advisory)
- lists.debian.org/debian-lts-announce/2023/04/msg00025.html (mitre, mailing-list)
- hackerone.com/reports/1898475 (mitre)
- security.netapp.com/advisory/ntap-20230420-0010/ (mitre)