SUSE-SU-2023:2945-1 -- SLES openssh
ID: oval:org.secpod.oval:def:89049134 | Date: (C)2023-08-30 (M)2024-04-11 |
Class: PATCH | Family: unix |
This update for openssh fixes the following issues:
* CVE-2023-38408: Fixed a condition where specific libraries loaded via ssh-agent's PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the agent was forwarded to an attacker-controlled system. [bsc#1213504, CVE-2023-38408]
* Close the right file descriptor and also close fdh in read_hmac to avoid file descriptor leaks. [bsc#1209536]
* Attempts to mitigate instances of secrets lingering in memory after a session exits. [bsc#1186673, bsc#1213004, bsc#1213008]
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Desktop 15 SP5 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP5 |
SUSE Linux Enterprise Server 15 SP3 |