Vulnerability CVE-2023-38408: Information
Description
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
openquantumsafe-openssh | sisyphus | 8.9p1.202306-alt2 | 8.9p1.202310-alt2 | ALT-PU-2023-4480-3 | 325215 | Fixed |
openssh | p10 | 7.9p1-alt4.p10.2 | 7.9p1-alt4.p10.6 | ALT-PU-2023-4471-3 | 325211 | Fixed |
openssh | p10_e2k | 7.9p1-alt4.p10.2 | 7.9p1-alt4.p10.6 | ALT-PU-2023-4528-1 | - | Fixed |
openssh | c10f1 | 7.9p1-alt4.p10.2 | 7.9p1-alt4.p10.6 | ALT-PU-2023-4472-3 | 325212 | Fixed |
openssh | c9f2 | 7.9p1-alt4.p10.2 | 7.9p1-alt4.p10.6 | ALT-PU-2023-4654-3 | 326190 | Fixed |
openssh-gostcrypto | p10 | 7.9p1-alt4.gost.p10.1 | 7.9p1-alt4.gost.p10.3 | ALT-PU-2024-3921-3 | 342647 | Fixed |
openssh-gostcrypto | c10f1 | 7.9p1-alt4.gost.p10.1 | 7.9p1-alt4.gost.p10.3 | ALT-PU-2024-4467-2 | 342830 | Fixed |
openssh-gostcrypto | c9f2 | 7.9p1-alt4.gost.p10.1 | 7.9p1-alt4.gost.p10.3 | ALT-PU-2024-4077-2 | 342832 | Fixed |