CVE-2023-28531

Common Vulnerabilities and Exposures

Last Post by Ivan Lon 2 weeks ago

1 Posts

1 Users

0 Likes

14 Views

RSS

Ivan Lon

(@ivan)

Posts: 47

Eminent Member

Topic starter

Description:-

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

References

https://www.openwall.com/lists/oss-security/2023/03/15/8
https://security.netapp.com/advisory/ntap-20230413-0008/
security.gentoo.org: GLSA-202307-01
debian.org: DSA-5586
lists.fedoraproject.org: FEDORA-2024-2aac54ebb7

Posted : 07/05/2024 4:23 pm

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed