Разработчики клиента для различных протоколов удалённого доступа сообщили о критической уязвимости CVE-2024-31497 в PuTTY версий от 0.68 до 0.80, которая позволяет провести компрометацию закрытого ключа.
В стабильной версии PuTTY 0.81 эта проблема устранена. In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures.
This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism.
Читать на habr.com