CVE-2023-38408
Publication date 19 July 2023
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Status
Package | Ubuntu Release | Status |
---|---|---|
openssh | 24.04 LTS noble |
Fixed 1:9.3p1-1ubuntu2
|
22.04 LTS jammy |
Fixed 1:8.9p1-3ubuntu0.3
|
|
20.04 LTS focal |
Fixed 1:8.2p1-4ubuntu0.8
|
|
18.04 LTS bionic |
Fixed 1:7.6p1-4ubuntu0.7+esm1
|
|
16.04 LTS xenial |
Fixed 1:7.2p2-4ubuntu2.10+esm3
|
|
14.04 LTS trusty |
Fixed 1:6.6p1-2ubuntu2.13+esm1
|
|
openssh-ssh1 | 24.04 LTS noble |
Needs evaluation
|
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal |
Needs evaluation
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release |
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProNotes
seth-arnold
openssh-ssh1 is provided for compatibility with old devices that cannot be upgraded to modern protocols. Thus we may not provide security support for this package if doing so would prevent access to equipment.
Patch details
Package | Patch details |
---|---|
openssh |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 · Critical |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-6242-1
- OpenSSH vulnerability
- 24 July 2023
- USN-6242-2
- OpenSSH vulnerability
- 31 July 2023