Vulnerability CVE-2023-51384: Information

Description

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-51384
Published: Dec. 18, 2023
Modified: May 16, 2024

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
openquantumsafe-opensshsisyphus8.9p1.202310-alt28.9p1.202310-alt2ALT-PU-2024-1046-5337714Fixed
openquantumsafe-opensshp118.9p1.202310-alt28.9p1.202310-alt2ALT-PU-2024-1046-5337714Fixed
opensshsisyphus9.6p1-alt19.6p1-alt1ALT-PU-2024-1364-1338324Fixed
opensshsisyphus_riscv649.6p1-alt19.6p1-alt1ALT-PU-2024-2944-1-Fixed
opensshsisyphus_loongarch649.6p1-alt19.6p1-alt1ALT-PU-2024-1503-1-Fixed
opensshp119.6p1-alt19.6p1-alt1ALT-PU-2024-1364-1338324Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.openssh.com/txt/release-9.6
  • Release Notes
https://www.openwall.com/lists/oss-security/2023/12/18/2
  • Mailing List
  • Release Notes
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
  • Patch
  • Third Party Advisory
DSA-5586
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20240105-0005/
  • Third Party Advisory
https://support.apple.com/kb/HT214084
  • Third Party Advisory
20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4
  • Mailing List
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
      Start including
      8.9
      End excliding
      9.6

      Configuration 2

      cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top