Headline
RHSA-2023:4383: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an attacker with control of the forwarded agent-socket on the server and the ability to write to the filesystem of the client host to execute arbitrary code with the privileges of the user running the ssh-agent.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
Publié :
2023-08-01
Mis à jour :
2023-08-01
RHSA-2023:4383 - Security Advisory
- Aperçu général
- Paquets mis à jour
Synopsis
Important: openssh security update
Type / Sévérité
Security Advisory: Important
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte.
Voir les systèmes concernés
Sujet
An update for openssh is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
- openssh: Remote code execution in ssh-agent PKCS#11 support (CVE-2023-38408)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.
Produits concernés
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Correctifs
- BZ - 2224173 - CVE-2023-38408 openssh: Remote code execution in ssh-agent PKCS#11 support
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
openssh-8.0p1-5.el8_1.1.src.rpm
SHA-256: fd88518a7e980df8773e5e2348cea718d6ac27ae94f21e76da2a48317ab3534e
ppc64le
openssh-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: eb095dd6cd8ba160a2e23f1087aec4d4fb6f92db747bdf2ac971272e6fa3fd60
openssh-askpass-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 10eac37f31e0797745ef8058e4d445c858d129b72fd7318bb6a371da0eb57c40
openssh-askpass-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 0a726b18936128b9c0ea552731804b78b45c7251bad1c2474dce1c378d62ba44
openssh-askpass-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 0a726b18936128b9c0ea552731804b78b45c7251bad1c2474dce1c378d62ba44
openssh-cavs-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 27f207a9dd75671c9d58e75f8bc3cd44f612f7e830131634423893a990842a94
openssh-cavs-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: cf67524be24e42dca9ebf4d48a21ce64f9dcb46956b222da97dffd794ca031eb
openssh-cavs-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: cf67524be24e42dca9ebf4d48a21ce64f9dcb46956b222da97dffd794ca031eb
openssh-clients-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 5959ae7e18ca1860388d4e7720b41fdfcde4ebb8fa6dd762e1f8bf462a31c1ee
openssh-clients-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 5888b623774f6472ac001c77625f5fddc43a36b7cd0e676282b7a3185d0d409f
openssh-clients-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 5888b623774f6472ac001c77625f5fddc43a36b7cd0e676282b7a3185d0d409f
openssh-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: b913cc4c154631e8391183c1a590873deea51fa2781928d911fe91fd2b230dbb
openssh-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: b913cc4c154631e8391183c1a590873deea51fa2781928d911fe91fd2b230dbb
openssh-debugsource-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: d94cef098e553dd210df89cadfd5f61fb3b8a681d8188f6d7561331a6fa83ebb
openssh-debugsource-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: d94cef098e553dd210df89cadfd5f61fb3b8a681d8188f6d7561331a6fa83ebb
openssh-keycat-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: b1a672aaa9b88938d9ba0000d1a3dcb9d98755596929ca7ea0e5f490de6552d6
openssh-keycat-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: ae59765bdf1879a8cee3118bcb100f986115ef3672f3b1421235818b3ee0ff95
openssh-keycat-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: ae59765bdf1879a8cee3118bcb100f986115ef3672f3b1421235818b3ee0ff95
openssh-ldap-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 6cc202ea058d1877b3b10acb817b02721634aff6a73cf53ae9eabfdca6804214
openssh-ldap-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: b31937774c6bae2b0c5974b918d2871de39ba44215641fbe56dda03f966cb207
openssh-ldap-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: b31937774c6bae2b0c5974b918d2871de39ba44215641fbe56dda03f966cb207
openssh-server-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 7b47ef66d34f39e71c4067ea680c391b46760de9d89badd1ecfd5260d89230a9
openssh-server-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 90b97f2255f33944045007196d920690531f952c2f232c1e25007b997b9a8a37
openssh-server-debuginfo-8.0p1-5.el8_1.1.ppc64le.rpm
SHA-256: 90b97f2255f33944045007196d920690531f952c2f232c1e25007b997b9a8a37
pam_ssh_agent_auth-0.10.3-7.5.el8_1.ppc64le.rpm
SHA-256: 246afc8a86d2d7683b188a69d972de30545b0cbe45e8487fc8b33cdbfb730fc0
pam_ssh_agent_auth-debuginfo-0.10.3-7.5.el8_1.ppc64le.rpm
SHA-256: 0a926e6ef1dd2a94833344098c05304ad4eef3cfc73dc87fa76b87f42fe49f99
pam_ssh_agent_auth-debuginfo-0.10.3-7.5.el8_1.ppc64le.rpm
SHA-256: 0a926e6ef1dd2a94833344098c05304ad4eef3cfc73dc87fa76b87f42fe49f99
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM
openssh-8.0p1-5.el8_1.1.src.rpm
SHA-256: fd88518a7e980df8773e5e2348cea718d6ac27ae94f21e76da2a48317ab3534e
x86_64
openssh-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 825f64975d0c2860fb7bf9878007dee6890896e3b03bebdf9a4c46e824dbde35
openssh-askpass-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: c9e29b9aec19fdf32fa1ee9bc05f7d176b1caa5e9ea77a366aee1e931228ab0c
openssh-askpass-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: d62797367bf44343a8f91bdb0d1e49dcb8c0165e5d7b13c2c5b2f29e58af5b75
openssh-askpass-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: d62797367bf44343a8f91bdb0d1e49dcb8c0165e5d7b13c2c5b2f29e58af5b75
openssh-cavs-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 6d841a8703f0f6266b6b261786ba15305635768031b6b1362d5cb6f49f3ba3b7
openssh-cavs-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 269477ec34d7409ee07cd7bce4879f2234241b0b664f510367ff36a781d7deb6
openssh-cavs-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 269477ec34d7409ee07cd7bce4879f2234241b0b664f510367ff36a781d7deb6
openssh-clients-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 2a7784a744c96713c424d697fbeed7e066e87eac6f3e404d3f7da7cbb3146100
openssh-clients-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: b798380f03c5ed0a33b7c556c6a6cacb3d19871e5ecf162485f82de4399d70ef
openssh-clients-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: b798380f03c5ed0a33b7c556c6a6cacb3d19871e5ecf162485f82de4399d70ef
openssh-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 416707ca92303235cadc706be49cb8818ac3bcc63308c6935f8ab46086521ae4
openssh-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 416707ca92303235cadc706be49cb8818ac3bcc63308c6935f8ab46086521ae4
openssh-debugsource-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: f98472d1e1a61eea2eb0d8b9d56800922872a75edcf92d46868c517a8a5a8935
openssh-debugsource-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: f98472d1e1a61eea2eb0d8b9d56800922872a75edcf92d46868c517a8a5a8935
openssh-keycat-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: daec09f5b8b3c9bb6b29551a71cfbe9f1e94917036274e112dd4348a0bea8be5
openssh-keycat-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 29cf0dd1ba370bdf2ce3f64842a3ef4d27f05ca9de084c0bcf52cb048f777854
openssh-keycat-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 29cf0dd1ba370bdf2ce3f64842a3ef4d27f05ca9de084c0bcf52cb048f777854
openssh-ldap-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 0924374f470cbddf0ff9866b243240a03e017815e024d544cca3f399a08ccff1
openssh-ldap-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: c970bf76c017abd551b5e57e96f35cdd28d6a74cd24d45248658c3d313ed8e8c
openssh-ldap-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: c970bf76c017abd551b5e57e96f35cdd28d6a74cd24d45248658c3d313ed8e8c
openssh-server-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 8143d8935509d9052b29f791aa3ce35acd80b165d59156cf1c7be394bff776b8
openssh-server-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 390b8f1e1ef3df559282fab4ddc09b676cfcfd2a3fc70ec258843bd1d291e695
openssh-server-debuginfo-8.0p1-5.el8_1.1.x86_64.rpm
SHA-256: 390b8f1e1ef3df559282fab4ddc09b676cfcfd2a3fc70ec258843bd1d291e695
pam_ssh_agent_auth-0.10.3-7.5.el8_1.x86_64.rpm
SHA-256: 01b8f603567e79b7a70a8d792c7ca31f3efce04b1fecad58431807dc0c9be51f
pam_ssh_agent_auth-debuginfo-0.10.3-7.5.el8_1.x86_64.rpm
SHA-256: 1a14aebd7ab6b1167d57e6eb32ecfae6cf4105e2bb8eff62f496b7399caea2a9
pam_ssh_agent_auth-debuginfo-0.10.3-7.5.el8_1.x86_64.rpm
SHA-256: 1a14aebd7ab6b1167d57e6eb32ecfae6cf4105e2bb8eff62f496b7399caea2a9
Le contact Red Hat Security est [email protected]. Plus d’infos contact à https://access.redhat.com/security/team/contact/.
Related news
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138
Red Hat Security Advisory 2023-5029-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
Multicluster Engine for Kubernetes 2.1.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37466: A flaw was found in the vm2 Promise handler sanitization, which allows attackers to esc...
Red Hat Security Advisory 2023-4889-01 - The DevWorkspace Operator extends OpenShift to provide DevWorkspace support. Issues addressed include a code execution vulnerability.
The Migration Toolkit for Containers (MTC) 1.7.12 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
Red Hat Advanced Cluster Management for Kubernetes 2.8.1 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3027: The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created polic...
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.
Red Hat Security Advisory 2023-4650-01 - Multicluster Engine for Kubernetes 2.2.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
Red Hat Security Advisory 2023-4428-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-4413-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-4419-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.
An update for openssh is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an a...
Ubuntu Security Notice 6242-2 - USN-6242-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code.
An update for openssh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an attacker with control of the...
An update for openssh is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarde...
An update for openssh is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an ...
Red Hat Security Advisory 2023-4329-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.
An update for openssh is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an at...
Ubuntu Security Notice 6242-1 - It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code.
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.
The PKCS#11 feature in ssh-agent in OpenSSH versions prior to 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system.
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.