Описание
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 1:9.3p1-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 1:6.6p1-2ubuntu2.13+esm1 |
| esm-infra/bionic | released | 1:7.6p1-4ubuntu0.7+esm1 |
| esm-infra/focal | not-affected | 1:8.2p1-4ubuntu0.8 |
| esm-infra/xenial | released | 1:7.2p2-4ubuntu2.10+esm3 |
| fips-preview/jammy | released | 1:8.9p1-3ubuntu0.3 |
| fips-updates/bionic | released | 1:7.9p1-10~ubuntu18.04.fips.0.8 |
| fips-updates/focal | released | 1:8.2p1-4ubuntu0.fips.0.8 |
| fips-updates/jammy | released | 1:8.9p1-3ubuntu0.3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | |
| esm-apps/bionic | ignored | |
| esm-apps/focal | ignored | |
| esm-apps/jammy | ignored | |
| esm-apps/noble | ignored | |
| focal | ignored | |
| jammy | ignored | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insuff ...
EPSS
9.8 Critical
CVSS3