exploitDog

ELSA-2023-4412

Published: 02 Aug 2023
Source: oracle-oval
Platform: Oracle Linux 9

Description

ELSA-2023-4412: openssh security update (IMPORTANT)

[8.7p1-30]

  • Avoid remote code execution in ssh-agent PKCS#11 support
    Resolves: CVE-2023-38408

Updated packages

Oracle Linux 9

Oracle Linux aarch64

  • openssh 8.7p1-30.el9_2
  • openssh-askpass 8.7p1-30.el9_2
  • openssh-clients 8.7p1-30.el9_2
  • openssh-keycat 8.7p1-30.el9_2
  • openssh-server 8.7p1-30.el9_2
  • pam_ssh_agent_auth 0.10.4-5.30.el9_2

Oracle Linux x86_64

  • openssh 8.7p1-30.el9_2
  • openssh-askpass 8.7p1-30.el9_2
  • openssh-clients 8.7p1-30.el9_2
  • openssh-keycat 8.7p1-30.el9_2
  • openssh-server 8.7p1-30.el9_2
  • pam_ssh_agent_auth 0.10.4-5.30.el9_2

Related CVEs

Related vulnerabilities

CVSS3: 9.8
ubuntu
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
redhat
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
nvd
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

CVSS3: 9.8
debian
almost 2 years ago

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insuff ...

suse-cvrf
almost 2 years ago

Security update for openssh