USN-6565-1: OpenSSH vulnerabilities
3 January 2024
Several security issues were fixed in OpenSSH.
Releases
Packages
- openssh - secure shell (SSH) for secure access to remote machines
Details
It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)
It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)
It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection. (CVE-2023-51385)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10
Ubuntu 23.04
Ubuntu 22.04
Ubuntu 20.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5666-1: ssh-askpass-gnome, openssh-sftp-server, openssh-client, openssh-server, openssh, ssh-krb5, ssh, openssh-client-ssh1
- USN-6560-2: ssh-askpass-gnome, openssh-sftp-server, openssh-client, openssh-server, openssh, ssh-krb5, ssh, openssh-client-ssh1
- USN-6560-3: ssh-askpass-gnome, openssh-sftp-server, openssh-client, openssh-server, openssh, ssh-krb5, ssh, openssh-client-ssh1