Описание
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
A vulnerability was found in openssh. This issue occurs when adding smartcard keys to ssh-agent(1) with per-hop destination constraints. A logic error prevented the constraints from being communicated to the agent, resulting in the keys being added without constraints. The common cases of non-smartcard keys and keys without destination constraints are unaffected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | openssh | Not affected | ||
| Red Hat Enterprise Linux 7 | openssh | Not affected | ||
| Red Hat Enterprise Linux 8 | openssh | Not affected | ||
| Red Hat Enterprise Linux 9 | openssh | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
9.1 Critical
CVSS3
Связанные уязвимости
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without ...
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.
EPSS
9.1 Critical
CVSS3