ELSA-2023-4382

Published: 02 Aug 2023
Source: oracle-oval
Platform: Oracle Linux 7

Description

ELSA-2023-4382: openssh security update (IMPORTANT)

[7.4p1-23.0.1]

  • enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895]

[7.4p1-23 + 0.10.3-2]

  • Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408

Updated packages

Oracle Linux 7

Oracle Linux aarch64

  • openssh 7.4p1-23.0.1.el7_9
  • openssh-askpass 7.4p1-23.0.1.el7_9
  • openssh-cavs 7.4p1-23.0.1.el7_9
  • openssh-clients 7.4p1-23.0.1.el7_9
  • openssh-keycat 7.4p1-23.0.1.el7_9
  • openssh-ldap 7.4p1-23.0.1.el7_9
  • openssh-server 7.4p1-23.0.1.el7_9
  • openssh-server-sysvinit 7.4p1-23.0.1.el7_9
  • pam_ssh_agent_auth 0.10.3-2.23.0.1.el7_9

Oracle Linux x86_64

  • openssh 7.4p1-23.0.1.el7_9
  • openssh-askpass 7.4p1-23.0.1.el7_9
  • openssh-cavs 7.4p1-23.0.1.el7_9
  • openssh-clients 7.4p1-23.0.1.el7_9
  • openssh-keycat 7.4p1-23.0.1.el7_9
  • openssh-ldap 7.4p1-23.0.1.el7_9
  • openssh-server 7.4p1-23.0.1.el7_9
  • openssh-server-sysvinit 7.4p1-23.0.1.el7_9
  • pam_ssh_agent_auth 0.10.3-2.23.0.1.el7_9

Related CVEs

Related vulnerabilities

CVSS3: 9.8
ubuntu
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
redhat
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
nvd
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
debian
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insuff ...

suse-cvrf
almost 2 years ago

Security update for openssh