[3.4] openssh: multiple issues (CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012)ID: oval:org.secpod.oval:def:1800880 | Date: (C)2018-03-29 (M)2024-05-22 |
Class: PATCH | Family: unix |
CVE-2016-10009: loading of untrusted PKCS#11 modules in ssh-agent. Ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a forwarded agent channel could potentially use this flaw to execute arbitrary code on the system running the ssh-agent. Note that the attacker must have control of the forwarded agent-socket and the ability to write to the filesystem of the host running ssh-agent. This issue was fixed by only allowing the loading of module from a trusted whitelist. Fixed In Version: openssh 7.4
Platform: |
Alpine Linux 3.4 |