Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-10010 (GCVE-0-2016-10010)
Vulnerability from cvelistv5
Published
2017-01-05 00:00
Modified
2024-08-06 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:32.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94972",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94972"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037490"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"name": "FreeBSD-SA-17:01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"name": "40962",
"tags": [
"exploit",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94972",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/94972"
},
{
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1037490"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"name": "FreeBSD-SA-17:01",
"tags": [
"vendor-advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"name": "40962",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10010",
"datePublished": "2017-01-05T00:00:00",
"dateReserved": "2016-12-19T00:00:00",
"dateUpdated": "2024-08-06T03:07:32.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-10010\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-05T02:59:03.087\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.\"},{\"lang\":\"es\",\"value\":\"sshd en OpenSSH en versiones anteriores a 7.4, cuando no se utiliza la separaci\u00f3n de privilegios, crea Unix-domain sockets reenviados como root, lo que podr\u00eda permitir a usuarios locales obtener privilegios a trav\u00e9s de vectores no especificados, relacionado con serverloop.c.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.3\",\"matchCriteriaId\":\"B5D52975-3CB0-4BF7-975F-66EF9BF42A06\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/19/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.securityfocus.com/bid/94972\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1037490\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20171130-0002/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/40962/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.openssh.com/txt/release-7.4\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/19/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.securityfocus.com/bid/94972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20171130-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/40962/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssh.com/txt/release-7.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2016-10010
Vulnerability from fkie_nvd
Published
2017-01-05 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/12/19/2 | Mailing List, Release Notes | |
| cve@mitre.org | http://www.securityfocus.com/bid/94972 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1037490 | ||
| cve@mitre.org | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637 | ||
| cve@mitre.org | https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 | ||
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | ||
| cve@mitre.org | https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce | Patch | |
| cve@mitre.org | https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20171130-0002/ | ||
| cve@mitre.org | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/40962/ | ||
| cve@mitre.org | https://www.openssh.com/txt/release-7.4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/12/19/2 | Mailing List, Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94972 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037490 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20171130-0002/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40962/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssh.com/txt/release-7.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5D52975-3CB0-4BF7-975F-66EF9BF42A06",
"versionEndIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c."
},
{
"lang": "es",
"value": "sshd en OpenSSH en versiones anteriores a 7.4, cuando no se utiliza la separaci\u00f3n de privilegios, crea Unix-domain sockets reenviados como root, lo que podr\u00eda permitir a usuarios locales obtener privilegios a trav\u00e9s de vectores no especificados, relacionado con serverloop.c."
}
],
"id": "CVE-2016-10010",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-05T02:59:03.087",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/94972"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"source": "cve@mitre.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"source": "cve@mitre.org",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"source": "cve@mitre.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"source": "cve@mitre.org",
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.openssh.com/txt/release-7.4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
opensuse-su-2024:11124-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
openssh-8.4p1-7.4 on GA media
Notes
Title of the patch
openssh-8.4p1-7.4 on GA media
Description of the patch
These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11124
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "openssh-8.4p1-7.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11124",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11124-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-0225 page",
"url": "https://www.suse.com/security/cve/CVE-2006-0225/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-4752 page",
"url": "https://www.suse.com/security/cve/CVE-2007-4752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10009 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10010 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10011 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10012 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8858 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20685 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6109 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6110 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6111 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6111/"
}
],
"title": "openssh-8.4p1-7.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11124-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-8.4p1-7.4.aarch64",
"product_id": "openssh-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-cavs-8.4p1-7.4.aarch64",
"product_id": "openssh-cavs-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-clients-8.4p1-7.4.aarch64",
"product_id": "openssh-clients-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-common-8.4p1-7.4.aarch64",
"product_id": "openssh-common-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-fips-8.4p1-7.4.aarch64",
"product_id": "openssh-fips-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-helpers-8.4p1-7.4.aarch64",
"product_id": "openssh-helpers-8.4p1-7.4.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-7.4.aarch64",
"product": {
"name": "openssh-server-8.4p1-7.4.aarch64",
"product_id": "openssh-server-8.4p1-7.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-8.4p1-7.4.ppc64le",
"product_id": "openssh-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-cavs-8.4p1-7.4.ppc64le",
"product_id": "openssh-cavs-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-clients-8.4p1-7.4.ppc64le",
"product_id": "openssh-clients-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-common-8.4p1-7.4.ppc64le",
"product_id": "openssh-common-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-fips-8.4p1-7.4.ppc64le",
"product_id": "openssh-fips-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-helpers-8.4p1-7.4.ppc64le",
"product_id": "openssh-helpers-8.4p1-7.4.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-7.4.ppc64le",
"product": {
"name": "openssh-server-8.4p1-7.4.ppc64le",
"product_id": "openssh-server-8.4p1-7.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-7.4.s390x",
"product": {
"name": "openssh-8.4p1-7.4.s390x",
"product_id": "openssh-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-7.4.s390x",
"product": {
"name": "openssh-cavs-8.4p1-7.4.s390x",
"product_id": "openssh-cavs-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-7.4.s390x",
"product": {
"name": "openssh-clients-8.4p1-7.4.s390x",
"product_id": "openssh-clients-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-7.4.s390x",
"product": {
"name": "openssh-common-8.4p1-7.4.s390x",
"product_id": "openssh-common-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-7.4.s390x",
"product": {
"name": "openssh-fips-8.4p1-7.4.s390x",
"product_id": "openssh-fips-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-7.4.s390x",
"product": {
"name": "openssh-helpers-8.4p1-7.4.s390x",
"product_id": "openssh-helpers-8.4p1-7.4.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-7.4.s390x",
"product": {
"name": "openssh-server-8.4p1-7.4.s390x",
"product_id": "openssh-server-8.4p1-7.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-8.4p1-7.4.x86_64",
"product_id": "openssh-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-cavs-8.4p1-7.4.x86_64",
"product_id": "openssh-cavs-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-clients-8.4p1-7.4.x86_64",
"product_id": "openssh-clients-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-common-8.4p1-7.4.x86_64",
"product_id": "openssh-common-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-fips-8.4p1-7.4.x86_64",
"product_id": "openssh-fips-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-helpers-8.4p1-7.4.x86_64",
"product_id": "openssh-helpers-8.4p1-7.4.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-7.4.x86_64",
"product": {
"name": "openssh-server-8.4p1-7.4.x86_64",
"product_id": "openssh-server-8.4p1-7.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x"
},
"product_reference": "openssh-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-cavs-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-cavs-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x"
},
"product_reference": "openssh-cavs-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-cavs-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-clients-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-clients-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x"
},
"product_reference": "openssh-clients-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-clients-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-common-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-common-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x"
},
"product_reference": "openssh-common-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-common-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-fips-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-fips-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x"
},
"product_reference": "openssh-fips-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-fips-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-helpers-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-helpers-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x"
},
"product_reference": "openssh-helpers-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-helpers-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64"
},
"product_reference": "openssh-server-8.4p1-7.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le"
},
"product_reference": "openssh-server-8.4p1-7.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-7.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x"
},
"product_reference": "openssh-server-8.4p1-7.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
},
"product_reference": "openssh-server-8.4p1-7.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-0225",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-0225"
}
],
"notes": [
{
"category": "general",
"text": "scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-0225",
"url": "https://www.suse.com/security/cve/CVE-2006-0225"
},
{
"category": "external",
"summary": "SUSE Bug 143435 for CVE-2006-0225",
"url": "https://bugzilla.suse.com/143435"
},
{
"category": "external",
"summary": "SUSE Bug 206456 for CVE-2006-0225",
"url": "https://bugzilla.suse.com/206456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2006-0225"
},
{
"cve": "CVE-2007-4752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-4752"
}
],
"notes": [
{
"category": "general",
"text": "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-4752",
"url": "https://www.suse.com/security/cve/CVE-2007-4752"
},
{
"category": "external",
"summary": "SUSE Bug 308521 for CVE-2007-4752",
"url": "https://bugzilla.suse.com/308521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2007-4752"
},
{
"cve": "CVE-2008-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1483"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1483",
"url": "https://www.suse.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "SUSE Bug 1069509 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "external",
"summary": "SUSE Bug 373527 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/373527"
},
{
"category": "external",
"summary": "SUSE Bug 585630 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/585630"
},
{
"category": "external",
"summary": "SUSE Bug 647633 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/647633"
},
{
"category": "external",
"summary": "SUSE Bug 706386 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/706386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2008-1483"
},
{
"cve": "CVE-2016-10009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10009"
}
],
"notes": [
{
"category": "general",
"text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10009",
"url": "https://www.suse.com/security/cve/CVE-2016-10009"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016366 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016366"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1138392"
},
{
"category": "external",
"summary": "SUSE Bug 1213504 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1213504"
},
{
"category": "external",
"summary": "SUSE Bug 1217035 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1217035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10010"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10010",
"url": "https://www.suse.com/security/cve/CVE-2016-10010"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016368 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1016368"
},
{
"category": "external",
"summary": "SUSE Bug 1021751 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1021751"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1196721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-10010"
},
{
"cve": "CVE-2016-10011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10011"
}
],
"notes": [
{
"category": "general",
"text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10011",
"url": "https://www.suse.com/security/cve/CVE-2016-10011"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1029445 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1029445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-10012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10012"
}
],
"notes": [
{
"category": "general",
"text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10012",
"url": "https://www.suse.com/security/cve/CVE-2016-10012"
},
{
"category": "external",
"summary": "SUSE Bug 1006166 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1035742 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1035742"
},
{
"category": "external",
"summary": "SUSE Bug 1073044 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1073044"
},
{
"category": "external",
"summary": "SUSE Bug 1092582 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-10012"
},
{
"cve": "CVE-2016-8858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8858"
}
],
"notes": [
{
"category": "general",
"text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8858",
"url": "https://www.suse.com/security/cve/CVE-2016-8858"
},
{
"category": "external",
"summary": "SUSE Bug 1005480 for CVE-2016-8858",
"url": "https://bugzilla.suse.com/1005480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-8858"
},
{
"cve": "CVE-2018-20685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20685"
}
],
"notes": [
{
"category": "general",
"text": "In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20685",
"url": "https://www.suse.com/security/cve/CVE-2018-20685"
},
{
"category": "external",
"summary": "SUSE Bug 1121571 for CVE-2018-20685",
"url": "https://bugzilla.suse.com/1121571"
},
{
"category": "external",
"summary": "SUSE Bug 1123220 for CVE-2018-20685",
"url": "https://bugzilla.suse.com/1123220"
},
{
"category": "external",
"summary": "SUSE Bug 1131109 for CVE-2018-20685",
"url": "https://bugzilla.suse.com/1131109"
},
{
"category": "external",
"summary": "SUSE Bug 1134932 for CVE-2018-20685",
"url": "https://bugzilla.suse.com/1134932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-20685"
},
{
"cve": "CVE-2019-6109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6109"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6109",
"url": "https://www.suse.com/security/cve/CVE-2019-6109"
},
{
"category": "external",
"summary": "SUSE Bug 1121571 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1121571"
},
{
"category": "external",
"summary": "SUSE Bug 1121816 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1121816"
},
{
"category": "external",
"summary": "SUSE Bug 1121818 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1121818"
},
{
"category": "external",
"summary": "SUSE Bug 1121821 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1121821"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1138392"
},
{
"category": "external",
"summary": "SUSE Bug 1144902 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1144902"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1148884 for CVE-2019-6109",
"url": "https://bugzilla.suse.com/1148884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6109"
},
{
"cve": "CVE-2019-6110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6110"
}
],
"notes": [
{
"category": "general",
"text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6110",
"url": "https://www.suse.com/security/cve/CVE-2019-6110"
},
{
"category": "external",
"summary": "SUSE Bug 1121571 for CVE-2019-6110",
"url": "https://bugzilla.suse.com/1121571"
},
{
"category": "external",
"summary": "SUSE Bug 1121816 for CVE-2019-6110",
"url": "https://bugzilla.suse.com/1121816"
},
{
"category": "external",
"summary": "SUSE Bug 1121818 for CVE-2019-6110",
"url": "https://bugzilla.suse.com/1121818"
},
{
"category": "external",
"summary": "SUSE Bug 1121821 for CVE-2019-6110",
"url": "https://bugzilla.suse.com/1121821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6110"
},
{
"cve": "CVE-2019-6111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6111"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6111",
"url": "https://www.suse.com/security/cve/CVE-2019-6111"
},
{
"category": "external",
"summary": "SUSE Bug 1121571 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1121571"
},
{
"category": "external",
"summary": "SUSE Bug 1121816 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1121816"
},
{
"category": "external",
"summary": "SUSE Bug 1121818 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1121818"
},
{
"category": "external",
"summary": "SUSE Bug 1121821 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1121821"
},
{
"category": "external",
"summary": "SUSE Bug 1123028 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1123028"
},
{
"category": "external",
"summary": "SUSE Bug 1123220 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1123220"
},
{
"category": "external",
"summary": "SUSE Bug 1131109 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1131109"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1138392"
},
{
"category": "external",
"summary": "SUSE Bug 1144902 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1144902"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1148884 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1148884"
},
{
"category": "external",
"summary": "SUSE Bug 1201840 for CVE-2019-6111",
"url": "https://bugzilla.suse.com/1201840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x",
"openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6111"
}
]
}
gsd-2016-10010
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-10010",
"description": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",
"id": "GSD-2016-10010",
"references": [
"https://www.suse.com/security/cve/CVE-2016-10010.html",
"https://ubuntu.com/security/CVE-2016-10010",
"https://security.archlinux.org/CVE-2016-10010",
"https://packetstormsecurity.com/files/cve/CVE-2016-10010"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-10010"
],
"details": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",
"id": "GSD-2016-10010",
"modified": "2023-12-13T01:21:27.126920Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94972",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94972"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171130-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"name": "FreeBSD-SA-17:01",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"name": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637",
"refsource": "CONFIRM",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"name": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce",
"refsource": "CONFIRM",
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"name": "40962",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"name": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"name": "https://www.openssh.com/txt/release-7.4",
"refsource": "CONFIRM",
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10010"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "https://www.openssh.com/txt/release-7.4",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"name": "40962",
"refsource": "EXPLOIT-DB",
"tags": [],
"url": "https://www.exploit-db.com/exploits/40962/"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010",
"refsource": "MISC",
"tags": [],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"name": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"name": "1037490",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1037490"
},
{
"name": "94972",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/94972"
},
{
"name": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"name": "FreeBSD-SA-17:01",
"refsource": "FREEBSD",
"tags": [],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171130-0002/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-12-13T12:15Z",
"publishedDate": "2017-01-05T02:59Z"
}
}
}
suse-su-2017:0264-1
Vulnerability from csaf_suse
Published
2017-01-23 12:26
Modified
2017-01-23 12:26
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes several issues.
These security issues were fixed:
- CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests (bsc#1005480).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication compression) did not ensure that a bounds check is enforced by all compilers, which might allowed local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures (bsc#1016370).
- CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c allowed remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket (bsc#1016366).
- CVE-2016-10010: When forwarding unix domain sockets with privilege separation disabled, the resulting sockets have be created as 'root' instead of the authenticated user. Forwarding unix domain sockets without privilege separation enabled is now rejected.
- CVE-2016-10011: authfile.c in sshd did not properly consider the effects of realloc on buffer contents, which might allowed local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process (bsc#1016369).
These non-security issues were fixed:
- Adjusted suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
- Properly verify CIDR masks in configuration (bsc#1005893)
Patchnames
SUSE-SLE-DESKTOP-12-SP2-2017-138,SUSE-SLE-RPI-12-SP2-2017-138,SUSE-SLE-SERVER-12-SP2-2017-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for openssh fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests (bsc#1005480).\n- CVE-2016-10012: The shared memory manager (associated with pre-authentication compression) did not ensure that a bounds check is enforced by all compilers, which might allowed local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures (bsc#1016370).\n- CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c allowed remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket (bsc#1016366).\n- CVE-2016-10010: When forwarding unix domain sockets with privilege separation disabled, the resulting sockets have be created as \u0027root\u0027 instead of the authenticated user. Forwarding unix domain sockets without privilege separation enabled is now rejected.\n- CVE-2016-10011: authfile.c in sshd did not properly consider the effects of realloc on buffer contents, which might allowed local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process (bsc#1016369).\n\nThese non-security issues were fixed:\n\n- Adjusted suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n- Properly verify CIDR masks in configuration (bsc#1005893)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP2-2017-138,SUSE-SLE-RPI-12-SP2-2017-138,SUSE-SLE-SERVER-12-SP2-2017-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0264-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0264-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170264-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0264-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002592.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005480",
"url": "https://bugzilla.suse.com/1005480"
},
{
"category": "self",
"summary": "SUSE Bug 1005893",
"url": "https://bugzilla.suse.com/1005893"
},
{
"category": "self",
"summary": "SUSE Bug 1006221",
"url": "https://bugzilla.suse.com/1006221"
},
{
"category": "self",
"summary": "SUSE Bug 1016366",
"url": "https://bugzilla.suse.com/1016366"
},
{
"category": "self",
"summary": "SUSE Bug 1016368",
"url": "https://bugzilla.suse.com/1016368"
},
{
"category": "self",
"summary": "SUSE Bug 1016369",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "self",
"summary": "SUSE Bug 1016370",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10009 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10010 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10011 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10012 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8858 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8858/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2017-01-23T12:26:09Z",
"generator": {
"date": "2017-01-23T12:26:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0264-1",
"initial_release_date": "2017-01-23T12:26:09Z",
"revision_history": [
{
"date": "2017-01-23T12:26:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-66.1.aarch64",
"product": {
"name": "openssh-7.2p2-66.1.aarch64",
"product_id": "openssh-7.2p2-66.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-66.3.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-66.3.aarch64",
"product_id": "openssh-askpass-gnome-7.2p2-66.3.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-66.1.aarch64",
"product": {
"name": "openssh-fips-7.2p2-66.1.aarch64",
"product_id": "openssh-fips-7.2p2-66.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-66.1.aarch64",
"product": {
"name": "openssh-helpers-7.2p2-66.1.aarch64",
"product_id": "openssh-helpers-7.2p2-66.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-66.1.ppc64le",
"product": {
"name": "openssh-7.2p2-66.1.ppc64le",
"product_id": "openssh-7.2p2-66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"product_id": "openssh-askpass-gnome-7.2p2-66.3.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-66.1.ppc64le",
"product": {
"name": "openssh-fips-7.2p2-66.1.ppc64le",
"product_id": "openssh-fips-7.2p2-66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-66.1.ppc64le",
"product": {
"name": "openssh-helpers-7.2p2-66.1.ppc64le",
"product_id": "openssh-helpers-7.2p2-66.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-66.1.s390x",
"product": {
"name": "openssh-7.2p2-66.1.s390x",
"product_id": "openssh-7.2p2-66.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-66.3.s390x",
"product": {
"name": "openssh-askpass-gnome-7.2p2-66.3.s390x",
"product_id": "openssh-askpass-gnome-7.2p2-66.3.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-66.1.s390x",
"product": {
"name": "openssh-fips-7.2p2-66.1.s390x",
"product_id": "openssh-fips-7.2p2-66.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-66.1.s390x",
"product": {
"name": "openssh-helpers-7.2p2-66.1.s390x",
"product_id": "openssh-helpers-7.2p2-66.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-66.1.x86_64",
"product": {
"name": "openssh-7.2p2-66.1.x86_64",
"product_id": "openssh-7.2p2-66.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-66.3.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-66.3.x86_64",
"product_id": "openssh-askpass-gnome-7.2p2-66.3.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-66.1.x86_64",
"product": {
"name": "openssh-helpers-7.2p2-66.1.x86_64",
"product_id": "openssh-helpers-7.2p2-66.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-66.1.x86_64",
"product": {
"name": "openssh-fips-7.2p2-66.1.x86_64",
"product_id": "openssh-fips-7.2p2-66.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x"
},
"product_reference": "openssh-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x"
},
"product_reference": "openssh-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10009"
}
],
"notes": [
{
"category": "general",
"text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10009",
"url": "https://www.suse.com/security/cve/CVE-2016-10009"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016366 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016366"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1138392"
},
{
"category": "external",
"summary": "SUSE Bug 1213504 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1213504"
},
{
"category": "external",
"summary": "SUSE Bug 1217035 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1217035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-23T12:26:09Z",
"details": "low"
}
],
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10010"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10010",
"url": "https://www.suse.com/security/cve/CVE-2016-10010"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016368 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1016368"
},
{
"category": "external",
"summary": "SUSE Bug 1021751 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1021751"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2016-10010",
"url": "https://bugzilla.suse.com/1196721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-23T12:26:09Z",
"details": "important"
}
],
"title": "CVE-2016-10010"
},
{
"cve": "CVE-2016-10011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10011"
}
],
"notes": [
{
"category": "general",
"text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10011",
"url": "https://www.suse.com/security/cve/CVE-2016-10011"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1029445 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1029445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-23T12:26:09Z",
"details": "low"
}
],
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-10012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10012"
}
],
"notes": [
{
"category": "general",
"text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10012",
"url": "https://www.suse.com/security/cve/CVE-2016-10012"
},
{
"category": "external",
"summary": "SUSE Bug 1006166 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1035742 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1035742"
},
{
"category": "external",
"summary": "SUSE Bug 1073044 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1073044"
},
{
"category": "external",
"summary": "SUSE Bug 1092582 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-23T12:26:09Z",
"details": "low"
}
],
"title": "CVE-2016-10012"
},
{
"cve": "CVE-2016-8858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8858"
}
],
"notes": [
{
"category": "general",
"text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8858",
"url": "https://www.suse.com/security/cve/CVE-2016-8858"
},
{
"category": "external",
"summary": "SUSE Bug 1005480 for CVE-2016-8858",
"url": "https://bugzilla.suse.com/1005480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-23T12:26:09Z",
"details": "moderate"
}
],
"title": "CVE-2016-8858"
}
]
}
ghsa-3m33-m56x-q24g
Vulnerability from github
Published
2022-05-14 03:20
Modified
2025-04-12 13:07
Severity ?
VLAI Severity ?
Details
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
{
"affected": [],
"aliases": [
"CVE-2016-10010"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-01-05T02:59:00Z",
"severity": "HIGH"
},
"details": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",
"id": "GHSA-3m33-m56x-q24g",
"modified": "2025-04-12T13:07:58Z",
"published": "2022-05-14T03:20:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10010"
},
{
"type": "WEB",
"url": "https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20171130-0002"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/40962"
},
{
"type": "WEB",
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94972"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"type": "WEB",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2023-1996
Vulnerability from csaf_certbund
Published
2016-12-19 23:00
Modified
2024-05-07 22:00
Summary
OpenSSH: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1996 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-1996.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1996 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1996"
},
{
"category": "external",
"summary": "OpenSSH 7.4 Release vom 2016-12-19",
"url": "http://www.openssh.com/txt/release-7.4"
},
{
"category": "external",
"summary": "SecurityTracker Alert ID 1037490 vom 2016-12-19",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory: FreeBSD-SA-17:01.openssh.asc",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0264-1 vom 2017-01-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170264-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K64292204 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K64292204"
},
{
"category": "external",
"summary": "F5 Security Advisory K31440025 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K31440025"
},
{
"category": "external",
"summary": "F5 Security Advisory K62201745 vom 2017-01-27",
"url": "https://support.f5.com/csp/article/K62201745"
},
{
"category": "external",
"summary": "IBM Security Advisory openssh_advisory10.asc",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory10.asc"
},
{
"category": "external",
"summary": "The FreeBSD Project Security Advisory: FreeBSD-SA-17:01.openssh",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0603-1 vom 2017-03-03",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170603-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0607-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170607-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0606-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170606-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:1661-1 vom 2017-06-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171661-1.html"
},
{
"category": "external",
"summary": "RedHat Security Advisory: RHSA-2017:2029",
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3538-1 vom 2018-01-22",
"url": "http://www.ubuntu.com/usn/usn-3538-1/"
},
{
"category": "external",
"summary": "McAfee Security Bulletin: SB10239",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10239"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2275-1 vom 2018-08-10",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182275-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2685-1 vom 2018-09-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182685-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2719-1 vom 2018-09-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182719-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3540-1 vom 2018-10-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183540-1.html"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory PAN-SA-2020-0005 vom 2020-05-13",
"url": "https://security.paloaltonetworks.com/PAN-SA-2020-0005"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11169 vom 2021-04-16",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11169"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2176 vom 2023-08-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2176.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1802 vom 2023-08-23",
"url": "https://alas.aws.amazon.com/ALAS-2023-1802.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
}
],
"source_lang": "en-US",
"title": "OpenSSH: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-07T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:56:43.803+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1996",
"initial_release_date": "2016-12-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-10T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-29T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "10",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-22T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-03-05T23:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "15",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-06-26T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-08-01T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2017-08-07T22:00:00.000+00:00",
"number": "18",
"summary": "Added references"
},
{
"date": "2018-06-13T22:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "21",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "22",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-23T22:00:00.000+00:00",
"number": "23",
"summary": "Added references"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "24",
"summary": "Produkte erg\u00e4nzt"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2018-09-16T22:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2018-10-29T23:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2020-05-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Palo Alto Networks aufgenommen"
},
{
"date": "2021-04-15T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "32"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"category": "product_name",
"name": "IBM VIOS",
"product": {
"name": "IBM VIOS",
"product_id": "T004571",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.4",
"product": {
"name": "Open Source OpenSSH \u003c7.4",
"product_id": "8223"
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "PaloAlto Networks PAN-OS",
"product": {
"name": "PaloAlto Networks PAN-OS",
"product_id": "T012790",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:-"
}
}
}
],
"category": "vendor",
"name": "PaloAlto Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10009",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit dem ssh-agent(1). Diese Schwachstelle beruht darauf, dass \u00fcber den ssh-agent PKCS#11 Module von nicht vertrauensw\u00fcrdigen Pfaden geladen werden k\u00f6nnen. Ein Angreifer kann diese Schwachstelle ausnutzen, um \u00fcber einen weitergeleiteten Agent Channel malizi\u00f6se PKCS#11 Module zu laden. Da es sich bei PKCS#11 Module um geteilte Bibliotheken (Shared Libraries) handelt, ist in der Folge Codeausf\u00fchrung auf dem System, das den ssh-agent ausf\u00fchrt, m\u00f6glich."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"4035",
"T000126",
"T034583",
"398363",
"5094",
"T004571"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10010",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Wenn \"Privilege Separation\" deaktiviert ist, dann k\u00f6nnen \u00fcber sshd(8) \"forwarded Unix-Domain Sockets\" mit root-Berechtigungen erzeugt werden, anstatt mit den Berechtigungen des authentisierten Benutzers. Somit ist ein Angreifer in der Lage seine Privilegien zu erh\u00f6hen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"4035",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10010"
},
{
"cve": "CVE-2016-10011",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht auf einer fehlerhaften Berechtigungstrennung bei Child-Prozessen \u00fcber \"reallloc()\", wenn SSH Schl\u00fcssel gelesen werden. In der Folge kann ein Angreifer diese Schwachstelle ausnutzen, um Teile des Host Private Key offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-10012",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Die Schwachstelle basiert auf einer fehlerhaften Kontrolle der Puffergrenzen des \"Shared Memory Managers\". Ein Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erh\u00f6hen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10012"
},
{
"notes": [
{
"category": "description",
"text": "Es existiert eine Denial of Service Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Diese Schwachstelle besteht aufgrund fehlerhafter Verarbeitung von KEXINIT Nachrichten. In der Folge kann ein entfernter anonymer Angreifer diese Schwachstelle durch Senden von mehreren KEXINIT Nachrichten ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"4035",
"T000126",
"7654",
"T034583",
"5930",
"398363",
"5094",
"T004571",
"T012790"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
},
{
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht darauf, dass Adressbereichen f\u00fcr \"AllowUser\" und \"DenyUsers\" Direktiven fehlerhaft validiert werden. In der Folge werden durch die Konfiguration ung\u00fcltiger CIDR Adressbereiche (z.B. benutzer@127.1.1.2/55) Zugriffe erlaubt bzw. erm\u00f6glicht, welche nicht beabsichtigt wurden."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…