Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:23481

Опубликовано: 18 дек. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

  • openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand (CVE-2025-61984)

  • openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand (CVE-2025-61985)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
opensshx86_6427.el8_10openssh-8.0p1-27.el8_10.x86_64.rpm
openssh-cavsx86_6427.el8_10openssh-cavs-8.0p1-27.el8_10.x86_64.rpm
openssh-clientsx86_6427.el8_10openssh-clients-8.0p1-27.el8_10.x86_64.rpm
openssh-keycatx86_6427.el8_10openssh-keycat-8.0p1-27.el8_10.x86_64.rpm
openssh-ldapx86_6427.el8_10openssh-ldap-8.0p1-27.el8_10.x86_64.rpm
openssh-serverx86_6427.el8_10openssh-server-8.0p1-27.el8_10.x86_64.rpm
pam_ssh_agent_authx86_647.27.el8_10pam_ssh_agent_auth-0.10.3-7.27.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-61984
CVE-2025-61985

Ссылки на источники

Исправления

Связанные уязвимости

suse-cvrf логотип

openSUSE-SU-2025:20122-1

suse-cvrf
около 2 месяцев назад

Security update for openssh

suse-cvrf логотип

SUSE-SU-2025:4112-1

suse-cvrf
2 месяца назад

Security update for openssh

suse-cvrf логотип

SUSE-SU-2025:4098-1

suse-cvrf
2 месяца назад

Security update for openssh8.4

suse-cvrf логотип

SUSE-SU-2025:4067-1

suse-cvrf
2 месяца назад

Security update for openssh

oracle-oval логотип

ELSA-2025-23481

oracle-oval
29 дней назад

ELSA-2025-23481: openssh security update (MODERATE)