USN-3809-2: OpenSSH regression
12 August 2021
USN-3809-1 introduced a regression in OpenSSH.
- openssh - secure shell (SSH) for secure access to remote machines
USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473
was incomplete and could introduce a regression in certain environments.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Robert Swiecki discovered that OpenSSH incorrectly handled certain messages.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
It was discovered that OpenSSH incorrectly handled certain requests.
An attacker could possibly use this issue to access sensitive information.