OpenSSH 9.3p2 with security fix
OpenSSH 9.3p2 with security fix
www.openssh.com /txt/release-9.3p2
Fix CVE-2023-38408 - a condition where specific libaries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met:
- Exploitation requires the presence of specific libraries on the victim system.
- Remote exploitation requires that the agent was forwarded to an attacker-controlled system.
In addition to removing the main precondition for exploitation, this release removes the ability for remote ssh-agent(1) clients to load PKCS#11 modules by default (see below).
0
comments