openssh-8.7p1-30.el9
エラータID: AXSA:2023-6281:08
リリース日:
2023/08/02 Wednesday - 11:42
題名:
openssh-8.7p1-30.el9
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- OpenSSH の ssh-agent には、PKCS#11 機能がロードする共有ライブラリ
の検索パスに問題があるため、リモートの攻撃者により、攻撃者が制御可能
なシステムへの ssh-agent を用いた通信の転送を介して、任意のコードの
実行を可能とする脆弱性が存在します。(CVE-2023-38408)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
追加情報:
N/A
ダウンロード:
SRPMS
- openssh-8.7p1-30.el9.src.rpm
MD5: 579d72204b6dcb801ce66ead6ad3722a
SHA-256: 628ef16afe762305489b4fa057962763ccd8ebcd7c9acb2edb355aad7fb38c2b
Size: 2.25 MB
Asianux Server 9 for x86_64
- openssh-8.7p1-30.el9.x86_64.rpm
MD5: e035403fa2dd406f87a6c2a0d74bf8eb
SHA-256: b302ecec08b15bb43c54546eb157228d2299a8b44b96f67a11396bd267cfce6c
Size: 451.36 kB - openssh-askpass-8.7p1-30.el9.x86_64.rpm
MD5: d8189d6646868a2d1553556f1cfaae9b
SHA-256: 1b615bf25e7935c4662e7c855c33b8599fa2cfb2d727453a46ca9dde5df4b669
Size: 19.66 kB - openssh-clients-8.7p1-30.el9.x86_64.rpm
MD5: a55a9a0f7f4a442c1674fcbbb1b4aecf
SHA-256: 56820b9e79fdc64fc0c67ebf3edcc709712702640d8b9cf56f3d3ffc6acf1b7e
Size: 699.32 kB - openssh-keycat-8.7p1-30.el9.x86_64.rpm
MD5: b123a03dd8e1ef57b92d4062d0ed9924
SHA-256: eb8bdcb6cae3d4906f290e5ce24a0e0d6f6da6a5e62cc0e20d23d577dd1e72ac
Size: 21.16 kB - openssh-server-8.7p1-30.el9.x86_64.rpm
MD5: 058140df028f4f8d9ee5faa5b9f23dd5
SHA-256: 7dcbd86c8773a0c61c49f2cfccea3d33bf20895d14de6749fa89409d1ad33eed
Size: 453.02 kB - pam_ssh_agent_auth-0.10.4-5.30.el9.x86_64.rpm
MD5: 4bd267a1c91fdc7f3bbf80817b0935bb
SHA-256: 90a4543aa0c9adee6814f87b3769a67b2945f348ba4bb257eaf36646bb7f1946
Size: 66.98 kB