openssh-8.7p1-29.el9

エラータID: AXSA:2023-6041:05

Release date: 
Thursday, June 15, 2023 - 09:30
Subject: 
openssh-8.7p1-29.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability (CVE-2023-25136)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

Solution: 

Update packages.

CVEs: 
CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
Additional Info: 

N/A

Download: 

SRPMS
  1. openssh-8.7p1-29.el9.src.rpm
    MD5: a89183b25c8831bad2fb02185be16a1e
    SHA-256: aeaab5f7c244f4d363801d3581833cc55c7bc118721444f7c1eef8ef23f99bb8
    Size: 2.25 MB

Asianux Server 9 for x86_64
  1. openssh-8.7p1-29.el9.x86_64.rpm
    MD5: 5f70d25a2d78057c811e00cb04e016b9
    SHA-256: df4ff453eed70ef9c6bd91e577721f6b1e3f556a98d6e0b2be5b8c4cbd9d8bf5
    Size: 451.99 kB
  2. openssh-askpass-8.7p1-29.el9.x86_64.rpm
    MD5: 0ced22dbfa44c1a0986e6f18b5d5ad90
    SHA-256: 51a7c66cdf588fb3190a804a8f3aa9255e74de77cb80aaca662d7d5161f5f644
    Size: 20.42 kB
  3. openssh-clients-8.7p1-29.el9.x86_64.rpm
    MD5: 8f6efade4beb8de816a8dae848642be7
    SHA-256: 207a5858c6eefefdaf099aee90d837acf430b1456a5b95c609674431b0c5b958
    Size: 700.09 kB
  4. openssh-keycat-8.7p1-29.el9.x86_64.rpm
    MD5: cbc00edbaf8a09ead7d8920740a61118
    SHA-256: 3a03f205f1bf845cae9c39b42a756ae920e8d22b2c17b7816b3f849649fa0976
    Size: 21.91 kB
  5. openssh-server-8.7p1-29.el9.x86_64.rpm
    MD5: 066fb8fc6cc1729769c21e7b5c3bcf67
    SHA-256: 97444e3099ee19638915b43fcd819320d3912e9906311c0ca4a8d1706feeaf28
    Size: 453.95 kB
  6. pam_ssh_agent_auth-0.10.4-5.29.el9.x86_64.rpm
    MD5: d2225ae0a3cde90742fee7691671082b
    SHA-256: 00d9d7fb27f419916407b4c931f3afca5d58f59f640f0a1b6cb73e92eb7e7cb8
    Size: 67.74 kB