File 0010-CVE-2025-47913-CVE-2025-47914-ssh-agent-fixes.patch of Package buildah.42049

From ac43a42f3ea8b0cb8947c1b79154e504a6348047 Mon Sep 17 00:00:00 2001
From: Danish Prakash <contact@danishpraka.sh>
Date: Mon, 17 Nov 2025 14:57:51 +0530
Subject: [PATCH 10/10] CVE-2025-47913, CVE-2025-47914: ssh/agent fixes

--

CVE-2025-47913: ssh/agent: return an error for unexpected message types

Previously, receiving an unexpected message type in response to a key
listing or a signing request could cause a panic due to a failed type
assertion.

This change adds a default case to the type switch in order to detect
and explicitly handle unknown or invalid message types, returning a
descriptive error instead of crashing.

Fixes CVE-2025-47913
Fixes golang/go#75178
Fixes bsc#1253598

Signed-off-by: Danish Prakash <contact@danishpraka.sh>

--

CVE-2025-47914: ssh/agent: prevent panic on malformed constraint

An attacker could supply a malformed Constraint that
would trigger a panic in a serving agent, effectively
causing denial of service.

Thank you to Jakub Ciolek for reporting this issue.

Fixes CVE-2025-47914
Fixes golang/go#76364
Fixes bsc#1254054

Signed-off-by: Danish Prakash <contact@danishpraka.sh>
---
 vendor/golang.org/x/crypto/ssh/agent/client.go | 6 ++++--
 vendor/golang.org/x/crypto/ssh/agent/server.go | 3 +++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/vendor/golang.org/x/crypto/ssh/agent/client.go b/vendor/golang.org/x/crypto/ssh/agent/client.go
index fecba8eb3846..6dc73e091e41 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/client.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client.go
@@ -430,8 +430,9 @@ func (c *client) List() ([]*Key, error) {
 		return keys, nil
 	case *failureAgentMsg:
 		return nil, errors.New("agent: failed to list keys")
+	default:
+		return nil, fmt.Errorf("agent: failed to list keys, unexpected message type %T", msg)
 	}
-	panic("unreachable")
 }
 
 // Sign has the agent sign the data using a protocol 2 key as defined
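Review bot: The new `default` branch in `List` (and the identical one added to `SignWithFlags` in the next hunk) has no comment explaining why it exists, even though the removed `panic("unreachable")` shows this path was once assumed impossible. A one-line comment above each branch, such as `// The reply comes off the agent socket; an unexpected type must surface as an error, never a panic.`, would stop a later cleanup from reintroducing that assumption. Both function bodies start outside their hunks, so how `msg` is produced and type-switched is not visible here.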
@@ -462,8 +463,9 @@ func (c *client) SignWithFlags(key ssh.PublicKey, data []byte, flags SignatureFl
 		return &sig, nil
 	case *failureAgentMsg:
 		return nil, errors.New("agent: failed to sign challenge")
+	default:
+		return nil, fmt.Errorf("agent: failed to sign challenge, unexpected message type %T", msg)
 	}
-	panic("unreachable")
 }
 
 // unmarshal parses an agent message in packet, returning the parsed
diff --git a/vendor/golang.org/x/crypto/ssh/agent/server.go b/vendor/golang.org/x/crypto/ssh/agent/server.go
index e35ca7ce3182..6c05994928ba 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/server.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/server.go
@@ -203,6 +203,9 @@ func parseConstraints(constraints []byte) (lifetimeSecs uint32, confirmBeforeUse
 	for len(constraints) != 0 {
 		switch constraints[0] {
 		case agentConstrainLifetime:
+			if len(constraints) < 5 {
+				return 0, false, nil, io.ErrUnexpectedEOF
+			}
 			lifetimeSecs = binary.BigEndian.Uint32(constraints[1:5])
 			constraints = constraints[5:]
 		case agentConstrainConfirm:
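Review bot: The literal `5` in the new guard under `agentConstrainLifetime` is unexplained. It is the one tag byte at `constraints[0]` plus the four bytes read by `binary.BigEndian.Uint32(constraints[1:5])`, and a short comment such as `// 1 tag byte + 4-byte big-endian lifetime` would make the bound easy to audit. `parseConstraints` continues past the end of this hunk, so the cases after `agentConstrainConfirm` are not visible. Any of them that slice `constraints` by a fixed or message-supplied length would presumably need an equivalent length check before the malformed-constraint handling is complete.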
-- 
2.51.1
