SUSE-SU-2023:2945-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20232945-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2945-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2023:2945-1
- Related
- Published
- 2023-07-24T07:38:17Z
- Modified
- 2023-07-24T07:38:17Z
- Summary
- Security update for openssh
- Details
-
This update for openssh fixes the following issues:
CVE-2023-38408: Fixed a condition where specific libaries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the agent was forwarded to an attacker-controlled system. [bsc#1213504, CVE-2023-38408]
Close the right filedescriptor and also close fdh in read_hmac to avoid file descriptor leaks. [bsc#1209536]
Attempts to mitigate instances of secrets lingering in memory after a session exits. [bsc#1186673, bsc#1213004, bsc#1213008]
- References
Affected packages
SUSE:Linux Enterprise Micro 5.3 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
SUSE:Linux Enterprise Micro 5.4 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
SUSE:Linux Enterprise Module for Basesystem 15 SP4 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4
SUSE:Linux Enterprise Module for Basesystem 15 SP5 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5
SUSE:Linux Enterprise Module for Desktop Applications 15 SP4 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4
SUSE:Linux Enterprise Module for Desktop Applications 15 SP5 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5
SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Real Time 15 SP3 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Real Time 15 SP3 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Server 15 SP3-LTSS / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Server 15 SP3-LTSS / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Manager Proxy 4.2 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Manager%20Proxy%204.2
SUSE:Manager Server 4.2 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Manager%20Server%204.2
SUSE:Linux Enterprise Micro 5.1 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
SUSE:Linux Enterprise Micro 5.2 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
SUSE:Enterprise Storage 7.1 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/suse/openssh&distro=SUSE%20Enterprise%20Storage%207.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
SUSE:Enterprise Storage 7.1 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Enterprise%20Storage%207.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
openSUSE:Leap Micro 5.3 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/opensuse/openssh&distro=openSUSE%20Leap%20Micro%205.3
openSUSE:Leap 15.4 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/opensuse/openssh&distro=openSUSE%20Leap%2015.4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-cavs": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
openSUSE:Leap 15.4 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/opensuse/openssh-askpass-gnome&distro=openSUSE%20Leap%2015.4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-cavs": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
openSUSE:Leap 15.5 / openssh
Package
- Name
- openssh
- Purl
- pkg:rpm/opensuse/openssh&distro=openSUSE%20Leap%2015.5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-cavs": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}
openSUSE:Leap 15.5 / openssh-askpass-gnome
Package
- Name
- openssh-askpass-gnome
- Purl
- pkg:rpm/opensuse/openssh-askpass-gnome&distro=openSUSE%20Leap%2015.5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4p1-150300.3.22.1
Ecosystem specific
{
"binaries": [
{
"openssh-fips": "8.4p1-150300.3.22.1",
"openssh-server": "8.4p1-150300.3.22.1",
"openssh": "8.4p1-150300.3.22.1",
"openssh-clients": "8.4p1-150300.3.22.1",
"openssh-cavs": "8.4p1-150300.3.22.1",
"openssh-askpass-gnome": "8.4p1-150300.3.22.1",
"openssh-helpers": "8.4p1-150300.3.22.1",
"openssh-common": "8.4p1-150300.3.22.1"
}
]
}