SUSE-SU-2023:2940-1 -- SLES opensshID: oval:org.secpod.oval:def:89049137 | Date: (C)2023-08-30 (M)2024-04-11 |
Class: PATCH | Family: unix |
This update for openssh fixes the following issues: * CVE-2023-38408: Fixed a condition where specific libaries loaded via ssh- agent"s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim"s system and if the agent was forwarded to an attacker-controlled system. [bsc#1213504, CVE-2023-38408]
Platform: |
SUSE Linux Enterprise Server 12 SP2 |