CVE-2016-8858 (GCVE-0-2016-8858)
Vulnerability from cvelistv5
Published
2016-12-09 00:00
Modified
2024-08-06 02:35
CWE
- n/a
Summary
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
wid-sec-w-2024-1052
Vulnerability from csaf_certbund
Published
2016-10-19 22:00
Modified
2024-05-07 22:00
Summary
OpenSSH: Vulnerability allows denial of service
Notes
The BSI, as the provider, is responsible under general law for its own content that it makes available for use. Users are, however, responsible for carefully checking, case by case, the use and/or implementation of the information provided with that content.
Product description
OpenSSH is an open-source implementation of the Secure Shell protocol.
Attack
A remote, anonymous attacker can exploit a vulnerability in OpenSSH to carry out a denial-of-service attack.
Affected operating systems
- Appliance
- Linux
- UNIX
- Windows
ghsa-cfx4-r6f2-m2mc
Vulnerability from github
Published
2022-05-14 02:58
Modified
2024-03-21 03:33
Details
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
suse-su-2017:1661-1
Vulnerability from csaf_suse
Published
2017-06-23 08:29
Modified
2017-06-23 08:29
Summary
Security update for openssh-openssl1
Notes
Title of the patch
Security update for openssh-openssl1
Description of the patch
This update for openssh-openssl1 fixes the following issues:
- Properly verify CIDR masks in configuration (bsc#1005893)
- CVE-2016-10009: limit directories for loading PKCS11 modules (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
Patchnames
secsp3-openssh-openssl1-13169
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
"https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 
11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-06-23T08:29:32Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux 
Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 
11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-06-23T08:29:32Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 
11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-06-23T08:29:32Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0607-2
Vulnerability from csaf_suse
Published
2017-03-06 10:26
Modified
2017-03-06 10:26
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2017-325,SUSE-SLE-SAP-12-2017-325,SUSE-SLE-SERVER-12-SP1-2017-325
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes the following issues:\n\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)\n\n- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-DESKTOP-12-SP1-2017-325,SUSE-SLE-SAP-12-2017-325,SUSE-SLE-SERVER-12-SP1-2017-325", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0607-2.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0607-2", "url": 
"https://www.suse.com/support/update/announcement/2017/suse-su-20170607-2/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2017:0607-2", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002685.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1006221", "url": "https://bugzilla.suse.com/1006221" }, { "category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-03-06T10:26:48Z", "generator": { "date": "2017-03-06T10:26:48Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0607-2", "initial_release_date": "2017-03-06T10:26:48Z", "revision_history": [ { "date": "2017-03-06T10:26:48Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-6.6p1-54.7.1.ppc64le", "product_id": "openssh-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product_id": 
"openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le", "product_id": "openssh-fips-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product_id": "openssh-helpers-6.6p1-54.7.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.s390x", "product": { "name": "openssh-6.6p1-54.7.1.s390x", "product_id": "openssh-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.s390x", "product": { "name": "openssh-fips-6.6p1-54.7.1.s390x", "product_id": "openssh-fips-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product": { "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product_id": "openssh-helpers-6.6p1-54.7.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-6.6p1-54.7.1.x86_64", "product_id": "openssh-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product_id": "openssh-helpers-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.x86_64", 
"product": { "name": "openssh-fips-6.6p1-54.7.1.x86_64", "product_id": "openssh-fips-6.6p1-54.7.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Desktop 12 SP1", "product": { "name": "SUSE Linux Enterprise Desktop 12 SP1", "product_id": "SUSE Linux Enterprise Desktop 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sled:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP1", "product": { "name": "SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp1" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1", "product_id": "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux 
Enterprise Desktop 12 SP1", "product_id": "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1", "product_id": "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12" }, { "category": "default_component_of", 
"full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x as 
component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-fips-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-fips-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux 
Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": 
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-fips-6.6p1-54.7.1.ppc64le", 
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-fips-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux 
Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": 
"https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE 
Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE 
Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 
12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": 
"https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 
12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 
12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": 
"https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 
12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise 
Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 
SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0607-3
Vulnerability from csaf_suse
Published
2017-03-06 10:26
Modified
2017-03-06 10:26
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
Patchnames
SUSE-SLE-SERVER-12-2017-325
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes the following issues:\n\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)\n\n- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-SERVER-12-2017-325", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0607-3.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0607-3", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170607-3/" }, { "category": "self", 
"summary": "E-Mail link for SUSE-SU-2017:0607-3", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002687.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1006221", "url": "https://bugzilla.suse.com/1006221" }, { "category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-03-06T10:26:35Z", "generator": { "date": "2017-03-06T10:26:35Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0607-3", "initial_release_date": "2017-03-06T10:26:35Z", "revision_history": [ { "date": "2017-03-06T10:26:35Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-6.6p1-54.7.1.ppc64le", "product_id": "openssh-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": 
"openssh-fips-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le", "product_id": "openssh-fips-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product_id": "openssh-helpers-6.6p1-54.7.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.s390x", "product": { "name": "openssh-6.6p1-54.7.1.s390x", "product_id": "openssh-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.s390x", "product": { "name": "openssh-fips-6.6p1-54.7.1.s390x", "product_id": "openssh-fips-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product": { "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product_id": "openssh-helpers-6.6p1-54.7.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-6.6p1-54.7.1.x86_64", "product_id": "openssh-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-fips-6.6p1-54.7.1.x86_64", "product_id": "openssh-fips-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product_id": 
"openssh-helpers-6.6p1-54.7.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server 12-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 
12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-fips-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-fips-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", 
"full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise 
Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE 
Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:35Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd 
in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for 
CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 
12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:35Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", 
"summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise 
Server 12-LTSS:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:35Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0264-1
Vulnerability from csaf_suse
Published
2017-01-23 12:26
Modified
2017-01-23 12:26
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes several issues.
These security issues were fixed:
- CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests (bsc#1005480).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication compression) did not ensure that a bounds check is enforced by all compilers, which might have allowed local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures (bsc#1016370).
- CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c allowed remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket (bsc#1016366).
- CVE-2016-10010: When forwarding unix domain sockets with privilege separation disabled, the resulting sockets would be created as 'root' instead of the authenticated user. Forwarding unix domain sockets without privilege separation enabled is now rejected.
- CVE-2016-10011: authfile.c in sshd did not properly consider the effects of realloc on buffer contents, which might have allowed local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process (bsc#1016369).
These non-security issues were fixed:
- Adjusted suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
- Properly verify CIDR masks in configuration (bsc#1005893)
Patchnames
SUSE-SLE-DESKTOP-12-SP2-2017-138,SUSE-SLE-RPI-12-SP2-2017-138,SUSE-SLE-SERVER-12-SP2-2017-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests (bsc#1005480).\n- CVE-2016-10012: The shared memory manager (associated with pre-authentication compression) did not ensure that a bounds check is enforced by all compilers, which might allowed local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures (bsc#1016370).\n- CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c allowed remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket (bsc#1016366).\n- CVE-2016-10010: When forwarding unix domain sockets with privilege separation disabled, the resulting sockets have be created as \u0027root\u0027 instead of the authenticated user. 
Forwarding unix domain sockets without privilege separation enabled is now rejected.\n- CVE-2016-10011: authfile.c in sshd did not properly consider the effects of realloc on buffer contents, which might allowed local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process (bsc#1016369).\n\nThese non-security issues were fixed:\n\n- Adjusted suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n- Properly verify CIDR masks in configuration (bsc#1005893)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-DESKTOP-12-SP2-2017-138,SUSE-SLE-RPI-12-SP2-2017-138,SUSE-SLE-SERVER-12-SP2-2017-138", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0264-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0264-1", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170264-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2017:0264-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002592.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1006221", "url": "https://bugzilla.suse.com/1006221" }, { 
"category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016368", "url": "https://bugzilla.suse.com/1016368" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE Bug 1016370", "url": "https://bugzilla.suse.com/1016370" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10010 page", "url": "https://www.suse.com/security/cve/CVE-2016-10010/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10012 page", "url": "https://www.suse.com/security/cve/CVE-2016-10012/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-01-23T12:26:09Z", "generator": { "date": "2017-01-23T12:26:09Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0264-1", "initial_release_date": "2017-01-23T12:26:09Z", "revision_history": [ { "date": "2017-01-23T12:26:09Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-7.2p2-66.1.aarch64", "product": { "name": "openssh-7.2p2-66.1.aarch64", "product_id": "openssh-7.2p2-66.1.aarch64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-7.2p2-66.3.aarch64", "product": { "name": "openssh-askpass-gnome-7.2p2-66.3.aarch64", "product_id": "openssh-askpass-gnome-7.2p2-66.3.aarch64" } }, { "category": "product_version", "name": 
"openssh-fips-7.2p2-66.1.aarch64", "product": { "name": "openssh-fips-7.2p2-66.1.aarch64", "product_id": "openssh-fips-7.2p2-66.1.aarch64" } }, { "category": "product_version", "name": "openssh-helpers-7.2p2-66.1.aarch64", "product": { "name": "openssh-helpers-7.2p2-66.1.aarch64", "product_id": "openssh-helpers-7.2p2-66.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-7.2p2-66.1.ppc64le", "product": { "name": "openssh-7.2p2-66.1.ppc64le", "product_id": "openssh-7.2p2-66.1.ppc64le" } }, { "category": "product_version", "name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le", "product": { "name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le", "product_id": "openssh-askpass-gnome-7.2p2-66.3.ppc64le" } }, { "category": "product_version", "name": "openssh-fips-7.2p2-66.1.ppc64le", "product": { "name": "openssh-fips-7.2p2-66.1.ppc64le", "product_id": "openssh-fips-7.2p2-66.1.ppc64le" } }, { "category": "product_version", "name": "openssh-helpers-7.2p2-66.1.ppc64le", "product": { "name": "openssh-helpers-7.2p2-66.1.ppc64le", "product_id": "openssh-helpers-7.2p2-66.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-7.2p2-66.1.s390x", "product": { "name": "openssh-7.2p2-66.1.s390x", "product_id": "openssh-7.2p2-66.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-7.2p2-66.3.s390x", "product": { "name": "openssh-askpass-gnome-7.2p2-66.3.s390x", "product_id": "openssh-askpass-gnome-7.2p2-66.3.s390x" } }, { "category": "product_version", "name": "openssh-fips-7.2p2-66.1.s390x", "product": { "name": "openssh-fips-7.2p2-66.1.s390x", "product_id": "openssh-fips-7.2p2-66.1.s390x" } }, { "category": "product_version", "name": "openssh-helpers-7.2p2-66.1.s390x", "product": { "name": "openssh-helpers-7.2p2-66.1.s390x", "product_id": "openssh-helpers-7.2p2-66.1.s390x" } } ], "category": "architecture", 
"name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-7.2p2-66.1.x86_64", "product": { "name": "openssh-7.2p2-66.1.x86_64", "product_id": "openssh-7.2p2-66.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-7.2p2-66.3.x86_64", "product": { "name": "openssh-askpass-gnome-7.2p2-66.3.x86_64", "product_id": "openssh-askpass-gnome-7.2p2-66.3.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-7.2p2-66.1.x86_64", "product": { "name": "openssh-helpers-7.2p2-66.1.x86_64", "product_id": "openssh-helpers-7.2p2-66.1.x86_64" } }, { "category": "product_version", "name": "openssh-fips-7.2p2-66.1.x86_64", "product": { "name": "openssh-fips-7.2p2-66.1.x86_64", "product_id": "openssh-fips-7.2p2-66.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Desktop 12 SP2", "product": { "name": "SUSE Linux Enterprise Desktop 12 SP2", "product_id": "SUSE Linux Enterprise Desktop 12 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sled:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product": { "name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2", "product": { "name": "SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_identification_helper": { "cpe": 
"cpe:/o:suse:sles_sap:12:sp2" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", "product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64" }, "product_reference": "openssh-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", "product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", "product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" }, "product_reference": "openssh-helpers-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64" }, "product_reference": "openssh-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 
SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64" }, "product_reference": "openssh-fips-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", "product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64" }, "product_reference": "openssh-helpers-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64" }, "product_reference": "openssh-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x" 
}, "product_reference": "openssh-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64" }, "product_reference": "openssh-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.s390x as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64", 
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64" }, "product_reference": "openssh-fips-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-fips-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x" }, "product_reference": "openssh-fips-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64" }, "product_reference": "openssh-fips-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64" }, "product_reference": "openssh-helpers-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { 
"name": "openssh-helpers-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-helpers-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x" }, "product_reference": "openssh-helpers-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", "product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" }, "product_reference": "openssh-helpers-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64" }, "product_reference": "openssh-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x" }, "product_reference": "openssh-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64" }, "product_reference": "openssh-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x" }, 
"product_reference": "openssh-askpass-gnome-7.2p2-66.3.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-7.2p2-66.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64" }, "product_reference": "openssh-askpass-gnome-7.2p2-66.3.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64" }, "product_reference": "openssh-fips-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-fips-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x" }, "product_reference": "openssh-fips-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-fips-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64" }, "product_reference": "openssh-fips-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64" }, "product_reference": "openssh-helpers-7.2p2-66.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le" }, "product_reference": "openssh-helpers-7.2p2-66.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x" }, "product_reference": "openssh-helpers-7.2p2-66.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-7.2p2-66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" }, "product_reference": 
"openssh-helpers-7.2p2-66.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux 
Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", 
"summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise 
Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise 
Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux 
Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-01-23T12:26:09Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10010", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10010" } ], "notes": [ { "category": "general", "text": "sshd in OpenSSH before 7.4, when 
privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux 
Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10010", "url": "https://www.suse.com/security/cve/CVE-2016-10010" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016368 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1016368" }, { "category": "external", "summary": "SUSE Bug 1021751 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1021751" }, { "category": 
"external", "summary": "SUSE Bug 1196721 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1196721" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for 
Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 
SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-01-23T12:26:09Z", "details": "important" } ], "title": "CVE-2016-10010" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 
12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux 
Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 
SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux 
Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-01-23T12:26:09Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-10012", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10012" } ], "notes": [ { "category": "general", "text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux 
Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10012", "url": "https://www.suse.com/security/cve/CVE-2016-10012" }, { "category": "external", "summary": "SUSE Bug 1006166 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1006166" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1035742 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1035742" }, { "category": "external", "summary": "SUSE Bug 1073044 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1073044" }, { "category": "external", "summary": "SUSE Bug 1092582 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1092582" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1138392" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation 
methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux 
Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 
SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for 
SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-01-23T12:26:09Z", "details": "low" } ], "title": "CVE-2016-10012" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux 
Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", 
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux 
Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-66.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:openssh-fips-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-66.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-66.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-01-23T12:26:09Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0607-1
Vulnerability from csaf_suse
Published
2017-03-06 10:26
Modified
2017-03-06 10:26
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
Patchnames
SUSE-SLE-SERVER-12-SP1-2017-325
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes the following issues:\n\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)\n\n- Fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-SERVER-12-SP1-2017-325", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0607-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0607-1", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170607-1/" }, { "category": "self", 
"summary": "E-Mail link for SUSE-SU-2017:0607-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002680.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1006221", "url": "https://bugzilla.suse.com/1006221" }, { "category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-03-06T10:26:48Z", "generator": { "date": "2017-03-06T10:26:48Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0607-1", "initial_release_date": "2017-03-06T10:26:48Z", "revision_history": [ { "date": "2017-03-06T10:26:48Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-6.6p1-54.7.1.ppc64le", "product_id": "openssh-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": 
"openssh-fips-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le", "product_id": "openssh-fips-6.6p1-54.7.1.ppc64le" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le", "product_id": "openssh-helpers-6.6p1-54.7.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.s390x", "product": { "name": "openssh-6.6p1-54.7.1.s390x", "product_id": "openssh-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.s390x", "product": { "name": "openssh-fips-6.6p1-54.7.1.s390x", "product_id": "openssh-fips-6.6p1-54.7.1.s390x" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product": { "name": "openssh-helpers-6.6p1-54.7.1.s390x", "product_id": "openssh-helpers-6.6p1-54.7.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-6.6p1-54.7.1.x86_64", "product_id": "openssh-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "product_id": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-fips-6.6p1-54.7.1.x86_64", "product_id": "openssh-fips-6.6p1-54.7.1.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64", "product_id": 
"openssh-helpers-6.6p1-54.7.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP1", "product": { "name": "SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp1" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-askpass-gnome-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-fips-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-fips-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as 
component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1", "product_id": "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP 
Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-54.7.1.x86_64", 
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-fips-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-fips-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.s390x as component of SUSE Linux 
Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-54.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-54.7.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise 
Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": 
"https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 
12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", 
"SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": 
"external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux 
Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE 
Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP1:openssh-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.7.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.7.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T10:26:48Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0606-1
Vulnerability from csaf_suse
Published
2017-03-06 07:28
Modified
2017-03-06 07:28
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to the low-privilege process handling authentication (bsc#1016369)
Non-security issues fixed:
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
Patchnames
sleclo50sp3-openssh-13005,sleman21-openssh-13005,slemap21-openssh-13005,sleposp3-openssh-13005,slessp3-openssh-13005
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes the following issues:\n\nSecurity issues fixed:\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)\n\nNon security issues fixed:\n- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)\n", "title": "Description of the patch" }, { "category": "details", "text": "sleclo50sp3-openssh-13005,sleman21-openssh-13005,slemap21-openssh-13005,sleposp3-openssh-13005,slessp3-openssh-13005", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0606-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0606-1", "url": 
"https://www.suse.com/support/update/announcement/2017/suse-su-20170606-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2017:0606-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002679.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-03-06T07:28:19Z", "generator": { "date": "2017-03-06T07:28:19Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0606-1", "initial_release_date": "2017-03-06T07:28:19Z", "revision_history": [ { "date": "2017-03-06T07:28:19Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-6.2p2-0.40.1.i586", "product": { "name": "openssh-6.2p2-0.40.1.i586", "product_id": "openssh-6.2p2-0.40.1.i586" } }, { "category": "product_version", "name": "openssh-askpass-6.2p2-0.40.1.i586", "product": { "name": "openssh-askpass-6.2p2-0.40.1.i586", "product_id": "openssh-askpass-6.2p2-0.40.1.i586" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.2p2-0.40.3.i586", "product": { "name": 
"openssh-askpass-gnome-6.2p2-0.40.3.i586", "product_id": "openssh-askpass-gnome-6.2p2-0.40.3.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "openssh-6.2p2-0.40.1.s390x", "product": { "name": "openssh-6.2p2-0.40.1.s390x", "product_id": "openssh-6.2p2-0.40.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-6.2p2-0.40.1.s390x", "product": { "name": "openssh-askpass-6.2p2-0.40.1.s390x", "product_id": "openssh-askpass-6.2p2-0.40.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.2p2-0.40.3.s390x", "product": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.s390x", "product_id": "openssh-askpass-gnome-6.2p2-0.40.3.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-6.2p2-0.40.1.x86_64", "product": { "name": "openssh-6.2p2-0.40.1.x86_64", "product_id": "openssh-6.2p2-0.40.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-6.2p2-0.40.1.x86_64", "product": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64", "product_id": "openssh-askpass-6.2p2-0.40.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "product": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "product_id": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE OpenStack Cloud 5", "product": { "name": "SUSE OpenStack Cloud 5", "product_id": "SUSE OpenStack Cloud 5", "product_identification_helper": { "cpe": "cpe:/o:suse:cloud:5" } } }, { "category": "product_name", "name": "SUSE Manager 2.1", "product": { "name": "SUSE Manager 2.1", "product_id": "SUSE Manager 2.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:2.1" } } }, { "category": "product_name", "name": "SUSE Manager Proxy 2.1", "product": { "name": "SUSE 
Manager Proxy 2.1", "product_id": "SUSE Manager Proxy 2.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-proxy:2.1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product": { "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-pos:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product": { "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:11:sp3:teradata" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.x86_64 as component of SUSE OpenStack Cloud 5", "product_id": "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 5" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64 as component of SUSE OpenStack Cloud 5", "product_id": "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 5" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64 as component of SUSE OpenStack Cloud 5", "product_id": "SUSE 
OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 5" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.s390x as component of SUSE Manager 2.1", "product_id": "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.x86_64 as component of SUSE Manager 2.1", "product_id": "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.s390x as component of SUSE Manager 2.1", "product_id": "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64 as component of SUSE Manager 2.1", "product_id": "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.s390x as component of SUSE Manager 2.1", "product_id": "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.s390x", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64 as component of SUSE Manager 2.1", "product_id": "SUSE Manager 
2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "relates_to_product_reference": "SUSE Manager 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.x86_64 as component of SUSE Manager Proxy 2.1", "product_id": "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64 as component of SUSE Manager Proxy 2.1", "product_id": "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64 as component of SUSE Manager Proxy 2.1", "product_id": "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 2.1" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586" }, "product_reference": "openssh-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": 
"default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586" }, "product_reference": "openssh-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-askpass-6.2p2-0.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": 
"default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586" }, "product_reference": "openssh-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.2p2-0.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", 
"full_product_name": { "name": "openssh-askpass-6.2p2-0.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64" }, "product_reference": "openssh-askpass-6.2p2-0.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" }, "product_reference": "openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 
modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 
2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 
11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack 
Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 
2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T07:28:19Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE 
Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 
for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 
SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 
SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T07:28:19Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], 
"notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 
SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", 
"SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 
SP3:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.s390x", "SUSE Manager 2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.s390x", "SUSE Manager 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE Manager Proxy 2.1:openssh-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 
2.1:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE Manager Proxy 2.1:openssh-askpass-gnome-6.2p2-0.40.3.x86_64", "SUSE OpenStack Cloud 5:openssh-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-6.2p2-0.40.1.x86_64", "SUSE OpenStack Cloud 5:openssh-askpass-gnome-6.2p2-0.40.3.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-06T07:28:19Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
suse-su-2017:0603-1
Vulnerability from csaf_suse
Published
2017-03-03 16:46
Modified
2017-03-03 16:46
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
Non security issues fixed:
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
- fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
Patchnames
slessp4-openssh-13002
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for openssh", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for openssh fixes the following issues:\n\nSecurity issues fixed:\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)\n\nNon security issues fixed:\n- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)\n- fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)\n", "title": "Description of the patch" }, { "category": "details", "text": "slessp4-openssh-13002", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0603-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2017:0603-1", "url": 
"https://www.suse.com/support/update/announcement/2017/suse-su-20170603-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2017:0603-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002677.html" }, { "category": "self", "summary": "SUSE Bug 1005480", "url": "https://bugzilla.suse.com/1005480" }, { "category": "self", "summary": "SUSE Bug 1005893", "url": "https://bugzilla.suse.com/1005893" }, { "category": "self", "summary": "SUSE Bug 1006221", "url": "https://bugzilla.suse.com/1006221" }, { "category": "self", "summary": "SUSE Bug 1016366", "url": "https://bugzilla.suse.com/1016366" }, { "category": "self", "summary": "SUSE Bug 1016369", "url": "https://bugzilla.suse.com/1016369" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" } ], "title": "Security update for openssh", "tracking": { "current_release_date": "2017-03-03T16:46:32Z", "generator": { "date": "2017-03-03T16:46:32Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2017:0603-1", "initial_release_date": "2017-03-03T16:46:32Z", "revision_history": [ { "date": "2017-03-03T16:46:32Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-35.1.i586", "product": { "name": "openssh-6.6p1-35.1.i586", "product_id": "openssh-6.6p1-35.1.i586" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-35.4.i586", "product": { "name": "openssh-askpass-gnome-6.6p1-35.4.i586", "product_id": "openssh-askpass-gnome-6.6p1-35.4.i586" } }, { 
"category": "product_version", "name": "openssh-fips-6.6p1-35.1.i586", "product": { "name": "openssh-fips-6.6p1-35.1.i586", "product_id": "openssh-fips-6.6p1-35.1.i586" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-35.1.i586", "product": { "name": "openssh-helpers-6.6p1-35.1.i586", "product_id": "openssh-helpers-6.6p1-35.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-35.1.ia64", "product": { "name": "openssh-6.6p1-35.1.ia64", "product_id": "openssh-6.6p1-35.1.ia64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-35.4.ia64", "product": { "name": "openssh-askpass-gnome-6.6p1-35.4.ia64", "product_id": "openssh-askpass-gnome-6.6p1-35.4.ia64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-35.1.ia64", "product": { "name": "openssh-fips-6.6p1-35.1.ia64", "product_id": "openssh-fips-6.6p1-35.1.ia64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-35.1.ia64", "product": { "name": "openssh-helpers-6.6p1-35.1.ia64", "product_id": "openssh-helpers-6.6p1-35.1.ia64" } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-35.1.ppc64", "product": { "name": "openssh-6.6p1-35.1.ppc64", "product_id": "openssh-6.6p1-35.1.ppc64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-35.4.ppc64", "product": { "name": "openssh-askpass-gnome-6.6p1-35.4.ppc64", "product_id": "openssh-askpass-gnome-6.6p1-35.4.ppc64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-35.1.ppc64", "product": { "name": "openssh-fips-6.6p1-35.1.ppc64", "product_id": "openssh-fips-6.6p1-35.1.ppc64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-35.1.ppc64", "product": { "name": "openssh-helpers-6.6p1-35.1.ppc64", "product_id": "openssh-helpers-6.6p1-35.1.ppc64" } } ], "category": "architecture", "name": "ppc64" }, { 
"branches": [ { "category": "product_version", "name": "openssh-6.6p1-35.1.s390x", "product": { "name": "openssh-6.6p1-35.1.s390x", "product_id": "openssh-6.6p1-35.1.s390x" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-35.4.s390x", "product": { "name": "openssh-askpass-gnome-6.6p1-35.4.s390x", "product_id": "openssh-askpass-gnome-6.6p1-35.4.s390x" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-35.1.s390x", "product": { "name": "openssh-fips-6.6p1-35.1.s390x", "product_id": "openssh-fips-6.6p1-35.1.s390x" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-35.1.s390x", "product": { "name": "openssh-helpers-6.6p1-35.1.s390x", "product_id": "openssh-helpers-6.6p1-35.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-6.6p1-35.1.x86_64", "product": { "name": "openssh-6.6p1-35.1.x86_64", "product_id": "openssh-6.6p1-35.1.x86_64" } }, { "category": "product_version", "name": "openssh-askpass-gnome-6.6p1-35.4.x86_64", "product": { "name": "openssh-askpass-gnome-6.6p1-35.4.x86_64", "product_id": "openssh-askpass-gnome-6.6p1-35.4.x86_64" } }, { "category": "product_version", "name": "openssh-fips-6.6p1-35.1.x86_64", "product": { "name": "openssh-fips-6.6p1-35.1.x86_64", "product_id": "openssh-fips-6.6p1-35.1.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-6.6p1-35.1.x86_64", "product": { "name": "openssh-helpers-6.6p1-35.1.x86_64", "product_id": "openssh-helpers-6.6p1-35.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP4", "product": { "name": "SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles:11:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", 
"product": { "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:11:sp4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586" }, "product_reference": "openssh-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64" }, "product_reference": "openssh-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64" }, "product_reference": "openssh-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x" }, "product_reference": "openssh-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64" }, 
"product_reference": "openssh-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64" }, "product_reference": 
"openssh-askpass-gnome-6.6p1-35.4.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586" }, "product_reference": "openssh-fips-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64" }, "product_reference": "openssh-fips-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64" }, "product_reference": "openssh-fips-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x" }, "product_reference": "openssh-fips-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", 
"full_product_name": { "name": "openssh-helpers-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586" }, "product_reference": "openssh-helpers-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64" }, "product_reference": "openssh-helpers-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64" }, "product_reference": "openssh-helpers-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x" }, "product_reference": "openssh-helpers-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 
SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586" }, "product_reference": "openssh-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64" }, "product_reference": "openssh-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64" }, "product_reference": "openssh-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x" }, "product_reference": "openssh-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64" }, "product_reference": "openssh-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-askpass-gnome-6.6p1-35.4.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-gnome-6.6p1-35.4.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 
11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64" }, "product_reference": "openssh-askpass-gnome-6.6p1-35.4.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586" }, "product_reference": "openssh-fips-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64" }, "product_reference": "openssh-fips-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64" }, "product_reference": "openssh-fips-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x" }, "product_reference": "openssh-fips-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": 
"openssh-fips-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64" }, "product_reference": "openssh-fips-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586" }, "product_reference": "openssh-helpers-6.6p1-35.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64" }, "product_reference": "openssh-helpers-6.6p1-35.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64" }, "product_reference": "openssh-helpers-6.6p1-35.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x" }, "product_reference": 
"openssh-helpers-6.6p1-35.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-6.6p1-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" }, "product_reference": "openssh-helpers-6.6p1-35.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 
SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE 
Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", 
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-03T16:46:32Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise 
Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux 
Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE 
Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise 
Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-03T16:46:32Z", "details": "low" } ], "title": 
"CVE-2016-10011" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 
for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for 
CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 
SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-35.4.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 
SP4:openssh-askpass-gnome-6.6p1-35.4.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-35.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-35.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2017-03-03T16:46:32Z", "details": "moderate" } ], "title": "CVE-2016-8858" } ] }
opensuse-su-2024:11124-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
openssh-8.4p1-7.4 on GA media
Notes
Title of the patch
openssh-8.4p1-7.4 on GA media
Description of the patch
These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11124
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "openssh-8.4p1-7.4 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-11124", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11124-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2006-0225 page", "url": "https://www.suse.com/security/cve/CVE-2006-0225/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-4752 page", "url": "https://www.suse.com/security/cve/CVE-2007-4752/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-1483 page", "url": "https://www.suse.com/security/cve/CVE-2008-1483/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10009 page", "url": "https://www.suse.com/security/cve/CVE-2016-10009/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10010 page", "url": "https://www.suse.com/security/cve/CVE-2016-10010/" }, 
{ "category": "self", "summary": "SUSE CVE CVE-2016-10011 page", "url": "https://www.suse.com/security/cve/CVE-2016-10011/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-10012 page", "url": "https://www.suse.com/security/cve/CVE-2016-10012/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-8858 page", "url": "https://www.suse.com/security/cve/CVE-2016-8858/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-20685 page", "url": "https://www.suse.com/security/cve/CVE-2018-20685/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-6109 page", "url": "https://www.suse.com/security/cve/CVE-2019-6109/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-6110 page", "url": "https://www.suse.com/security/cve/CVE-2019-6110/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-6111 page", "url": "https://www.suse.com/security/cve/CVE-2019-6111/" } ], "title": "openssh-8.4p1-7.4 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:11124-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openssh-8.4p1-7.4.aarch64", "product": { "name": "openssh-8.4p1-7.4.aarch64", "product_id": "openssh-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": "openssh-cavs-8.4p1-7.4.aarch64", "product": { "name": "openssh-cavs-8.4p1-7.4.aarch64", "product_id": "openssh-cavs-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": "openssh-clients-8.4p1-7.4.aarch64", "product": { "name": "openssh-clients-8.4p1-7.4.aarch64", "product_id": "openssh-clients-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": 
"openssh-common-8.4p1-7.4.aarch64", "product": { "name": "openssh-common-8.4p1-7.4.aarch64", "product_id": "openssh-common-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": "openssh-fips-8.4p1-7.4.aarch64", "product": { "name": "openssh-fips-8.4p1-7.4.aarch64", "product_id": "openssh-fips-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": "openssh-helpers-8.4p1-7.4.aarch64", "product": { "name": "openssh-helpers-8.4p1-7.4.aarch64", "product_id": "openssh-helpers-8.4p1-7.4.aarch64" } }, { "category": "product_version", "name": "openssh-server-8.4p1-7.4.aarch64", "product": { "name": "openssh-server-8.4p1-7.4.aarch64", "product_id": "openssh-server-8.4p1-7.4.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-8.4p1-7.4.ppc64le", "product": { "name": "openssh-8.4p1-7.4.ppc64le", "product_id": "openssh-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-cavs-8.4p1-7.4.ppc64le", "product": { "name": "openssh-cavs-8.4p1-7.4.ppc64le", "product_id": "openssh-cavs-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-clients-8.4p1-7.4.ppc64le", "product": { "name": "openssh-clients-8.4p1-7.4.ppc64le", "product_id": "openssh-clients-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-common-8.4p1-7.4.ppc64le", "product": { "name": "openssh-common-8.4p1-7.4.ppc64le", "product_id": "openssh-common-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-fips-8.4p1-7.4.ppc64le", "product": { "name": "openssh-fips-8.4p1-7.4.ppc64le", "product_id": "openssh-fips-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-helpers-8.4p1-7.4.ppc64le", "product": { "name": "openssh-helpers-8.4p1-7.4.ppc64le", "product_id": "openssh-helpers-8.4p1-7.4.ppc64le" } }, { "category": "product_version", "name": "openssh-server-8.4p1-7.4.ppc64le", "product": { "name": 
"openssh-server-8.4p1-7.4.ppc64le", "product_id": "openssh-server-8.4p1-7.4.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-8.4p1-7.4.s390x", "product": { "name": "openssh-8.4p1-7.4.s390x", "product_id": "openssh-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-cavs-8.4p1-7.4.s390x", "product": { "name": "openssh-cavs-8.4p1-7.4.s390x", "product_id": "openssh-cavs-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-clients-8.4p1-7.4.s390x", "product": { "name": "openssh-clients-8.4p1-7.4.s390x", "product_id": "openssh-clients-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-common-8.4p1-7.4.s390x", "product": { "name": "openssh-common-8.4p1-7.4.s390x", "product_id": "openssh-common-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-fips-8.4p1-7.4.s390x", "product": { "name": "openssh-fips-8.4p1-7.4.s390x", "product_id": "openssh-fips-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-helpers-8.4p1-7.4.s390x", "product": { "name": "openssh-helpers-8.4p1-7.4.s390x", "product_id": "openssh-helpers-8.4p1-7.4.s390x" } }, { "category": "product_version", "name": "openssh-server-8.4p1-7.4.s390x", "product": { "name": "openssh-server-8.4p1-7.4.s390x", "product_id": "openssh-server-8.4p1-7.4.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-8.4p1-7.4.x86_64", "product": { "name": "openssh-8.4p1-7.4.x86_64", "product_id": "openssh-8.4p1-7.4.x86_64" } }, { "category": "product_version", "name": "openssh-cavs-8.4p1-7.4.x86_64", "product": { "name": "openssh-cavs-8.4p1-7.4.x86_64", "product_id": "openssh-cavs-8.4p1-7.4.x86_64" } }, { "category": "product_version", "name": "openssh-clients-8.4p1-7.4.x86_64", "product": { "name": "openssh-clients-8.4p1-7.4.x86_64", "product_id": "openssh-clients-8.4p1-7.4.x86_64" } }, 
{ "category": "product_version", "name": "openssh-common-8.4p1-7.4.x86_64", "product": { "name": "openssh-common-8.4p1-7.4.x86_64", "product_id": "openssh-common-8.4p1-7.4.x86_64" } }, { "category": "product_version", "name": "openssh-fips-8.4p1-7.4.x86_64", "product": { "name": "openssh-fips-8.4p1-7.4.x86_64", "product_id": "openssh-fips-8.4p1-7.4.x86_64" } }, { "category": "product_version", "name": "openssh-helpers-8.4p1-7.4.x86_64", "product": { "name": "openssh-helpers-8.4p1-7.4.x86_64", "product_id": "openssh-helpers-8.4p1-7.4.x86_64" } }, { "category": "product_version", "name": "openssh-server-8.4p1-7.4.x86_64", "product": { "name": "openssh-server-8.4p1-7.4.x86_64", "product_id": "openssh-server-8.4p1-7.4.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64" }, "product_reference": "openssh-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x" }, "product_reference": 
"openssh-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64" }, "product_reference": "openssh-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64" }, "product_reference": "openssh-cavs-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-cavs-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x" }, "product_reference": "openssh-cavs-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64" }, "product_reference": "openssh-cavs-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64" }, "product_reference": "openssh-clients-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { 
"category": "default_component_of", "full_product_name": { "name": "openssh-clients-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-clients-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x" }, "product_reference": "openssh-clients-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64" }, "product_reference": "openssh-clients-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-common-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64" }, "product_reference": "openssh-common-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-common-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-common-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-common-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x" }, "product_reference": "openssh-common-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", 
"full_product_name": { "name": "openssh-common-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64" }, "product_reference": "openssh-common-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64" }, "product_reference": "openssh-fips-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-fips-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x" }, "product_reference": "openssh-fips-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-fips-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64" }, "product_reference": "openssh-fips-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64" }, "product_reference": "openssh-helpers-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-8.4p1-7.4.ppc64le as 
component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-helpers-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x" }, "product_reference": "openssh-helpers-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-helpers-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64" }, "product_reference": "openssh-helpers-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64" }, "product_reference": "openssh-server-8.4p1-7.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le" }, "product_reference": "openssh-server-8.4p1-7.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x" }, "product_reference": "openssh-server-8.4p1-7.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", 
"product_id": "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" }, "product_reference": "openssh-server-8.4p1-7.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0225", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2006-0225" } ], "notes": [ { "category": "general", "text": "scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE 
Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2006-0225", "url": "https://www.suse.com/security/cve/CVE-2006-0225" }, { "category": "external", "summary": "SUSE Bug 143435 for CVE-2006-0225", "url": "https://bugzilla.suse.com/143435" }, { "category": "external", "summary": "SUSE Bug 206456 for CVE-2006-0225", "url": "https://bugzilla.suse.com/206456" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2006-0225" }, { "cve": "CVE-2007-4752", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-4752" } ], "notes": [ { "category": "general", "text": "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-4752", "url": "https://www.suse.com/security/cve/CVE-2007-4752" }, { "category": "external", "summary": "SUSE Bug 308521 for CVE-2007-4752", "url": "https://bugzilla.suse.com/308521" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2007-4752" }, { "cve": "CVE-2008-1483", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-1483" } ], "notes": [ { "category": "general", "text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-1483", "url": "https://www.suse.com/security/cve/CVE-2008-1483" }, { "category": "external", "summary": "SUSE Bug 1069509 for CVE-2008-1483", "url": "https://bugzilla.suse.com/1069509" }, { "category": "external", "summary": "SUSE Bug 373527 for CVE-2008-1483", "url": "https://bugzilla.suse.com/373527" }, { "category": "external", "summary": "SUSE Bug 585630 for CVE-2008-1483", "url": "https://bugzilla.suse.com/585630" }, { "category": "external", "summary": "SUSE Bug 647633 for CVE-2008-1483", "url": "https://bugzilla.suse.com/647633" }, { "category": "external", "summary": "SUSE Bug 706386 for CVE-2008-1483", "url": "https://bugzilla.suse.com/706386" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", 
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE 
Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2008-1483" }, { "cve": "CVE-2016-10009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10009" } ], "notes": [ { "category": "general", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10009", "url": "https://www.suse.com/security/cve/CVE-2016-10009" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016366 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016366" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1213504 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1213504" }, { "category": "external", "summary": "SUSE Bug 1217035 for CVE-2016-10009", "url": "https://bugzilla.suse.com/1217035" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE 
Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10010", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10010" } ], "notes": [ { "category": "general", "text": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", 
"openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10010", "url": "https://www.suse.com/security/cve/CVE-2016-10010" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016368 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1016368" }, { "category": "external", "summary": "SUSE Bug 1021751 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1021751" }, { "category": "external", 
"summary": "SUSE Bug 1196721 for CVE-2016-10010", "url": "https://bugzilla.suse.com/1196721" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "openSUSE 
Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2016-10010" }, { "cve": "CVE-2016-10011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10011" } ], "notes": [ { "category": "general", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by 
leveraging access to a privilege-separated child process.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10011", "url": "https://www.suse.com/security/cve/CVE-2016-10011" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10011", "url": 
"https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1029445 for CVE-2016-10011", "url": "https://bugzilla.suse.com/1029445" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", 
"date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-10012", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-10012" } ], "notes": [ { "category": "general", "text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-10012", "url": "https://www.suse.com/security/cve/CVE-2016-10012" }, { "category": "external", "summary": "SUSE Bug 1006166 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1006166" }, { "category": "external", "summary": "SUSE Bug 1016336 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016336" }, { "category": "external", "summary": "SUSE Bug 1016369 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016369" }, { "category": "external", "summary": "SUSE Bug 1016370 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1016370" }, { "category": "external", "summary": "SUSE Bug 1017870 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1017870" }, { "category": "external", "summary": "SUSE Bug 1026634 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1026634" }, { "category": "external", "summary": "SUSE Bug 1035742 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1035742" }, { "category": "external", "summary": "SUSE Bug 1073044 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1073044" }, { "category": "external", "summary": "SUSE Bug 1092582 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1092582" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2016-10012", "url": "https://bugzilla.suse.com/1138392" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE 
Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2016-10012" }, { "cve": "CVE-2016-8858", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-8858" } ], "notes": [ { "category": "general", "text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-8858", "url": "https://www.suse.com/security/cve/CVE-2016-8858" }, { "category": "external", "summary": "SUSE Bug 1005480 for CVE-2016-8858", "url": "https://bugzilla.suse.com/1005480" } ], "remediations": [ { "category": "vendor_fix", "details": "To 
install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2016-8858" }, { "cve": "CVE-2018-20685", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-20685" } ], "notes": [ { "category": "general", "text": "In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. 
The impact is modifying the permissions of the target directory on the client side.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-20685", "url": "https://www.suse.com/security/cve/CVE-2018-20685" }, { "category": "external", "summary": "SUSE Bug 1121571 for CVE-2018-20685", "url": "https://bugzilla.suse.com/1121571" }, { "category": "external", "summary": "SUSE Bug 1123220 for CVE-2018-20685", 
"url": "https://bugzilla.suse.com/1123220" }, { "category": "external", "summary": "SUSE Bug 1131109 for CVE-2018-20685", "url": "https://bugzilla.suse.com/1131109" }, { "category": "external", "summary": "SUSE Bug 1134932 for CVE-2018-20685", "url": "https://bugzilla.suse.com/1134932" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2018-20685" }, { "cve": "CVE-2019-6109", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-6109" } ], 
"notes": [ { "category": "general", "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { 
"category": "external", "summary": "CVE-2019-6109", "url": "https://www.suse.com/security/cve/CVE-2019-6109" }, { "category": "external", "summary": "SUSE Bug 1121571 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1121571" }, { "category": "external", "summary": "SUSE Bug 1121816 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1121816" }, { "category": "external", "summary": "SUSE Bug 1121818 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1121818" }, { "category": "external", "summary": "SUSE Bug 1121821 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1121821" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1144902 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1144902" }, { "category": "external", "summary": "SUSE Bug 1144903 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1144903" }, { "category": "external", "summary": "SUSE Bug 1148884 for CVE-2019-6109", "url": "https://bugzilla.suse.com/1148884" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE 
Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE 
Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-6109" }, { "cve": "CVE-2019-6110", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-6110" } ], "notes": [ { "category": "general", "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE 
Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-6110", "url": "https://www.suse.com/security/cve/CVE-2019-6110" }, { "category": "external", "summary": "SUSE Bug 1121571 for CVE-2019-6110", "url": "https://bugzilla.suse.com/1121571" }, { "category": "external", "summary": "SUSE Bug 1121816 for CVE-2019-6110", "url": "https://bugzilla.suse.com/1121816" }, { "category": "external", "summary": "SUSE Bug 1121818 for CVE-2019-6110", "url": "https://bugzilla.suse.com/1121818" }, { "category": "external", "summary": "SUSE Bug 1121821 for CVE-2019-6110", "url": "https://bugzilla.suse.com/1121821" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", 
"openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE 
Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-6110" }, { "cve": "CVE-2019-6111", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-6111" } ], "notes": [ { "category": "general", "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. 
If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-6111", "url": "https://www.suse.com/security/cve/CVE-2019-6111" }, { "category": "external", "summary": "SUSE Bug 1121571 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1121571" }, { 
"category": "external", "summary": "SUSE Bug 1121816 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1121816" }, { "category": "external", "summary": "SUSE Bug 1121818 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1121818" }, { "category": "external", "summary": "SUSE Bug 1121821 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1121821" }, { "category": "external", "summary": "SUSE Bug 1123028 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1123028" }, { "category": "external", "summary": "SUSE Bug 1123220 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1123220" }, { "category": "external", "summary": "SUSE Bug 1131109 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1131109" }, { "category": "external", "summary": "SUSE Bug 1138392 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1138392" }, { "category": "external", "summary": "SUSE Bug 1144902 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1144902" }, { "category": "external", "summary": "SUSE Bug 1144903 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1144903" }, { "category": "external", "summary": "SUSE Bug 1148884 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1148884" }, { "category": "external", "summary": "SUSE Bug 1201840 for CVE-2019-6111", "url": "https://bugzilla.suse.com/1201840" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE 
Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE 
Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-6111" } ] }
fkie_cve-2016-8858
Vulnerability from fkie_nvd
Published
2016-12-09 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h | Issue Tracking, Vendor Advisory | |
cve@mitre.org | http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup | Issue Tracking, Vendor Advisory | |
cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/10/19/3 | Mailing List, Third Party Advisory | |
cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/10/20/1 | Mailing List, Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/93776 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1037057 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1384860 | Issue Tracking | |
cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | ||
cve@mitre.org | https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig | Patch, Vendor Advisory | |
cve@mitre.org | https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201612-18 | Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20180201-0001/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/10/19/3 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/10/20/1 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93776 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037057 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1384860 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | ||
af854a3a-2127-422b-91ae-364da2661108 | https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-18 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180201-0001/ | Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "65A8629A-CFAE-4403-BEE7-622912483702", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "D0607649-62FE-41CB-9444-53CD9C5B67C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B0FB8D5-75CB-4691-AB9F-B4FA46973421", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "67E1B240-BD86-41D3-BAC1-96005CB31DEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2FC2BA97-6E7A-4AEF-8944-DB3AB8E14762", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5D3A31E-D785-406D-A8C8-FD122F4C9E38", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"" }, { "lang": "es", "value": "** DISPUTADA ** La funci\u00f3n kex_input_kexinit en kex.c en OpenSSH 6.x y 7.x hasta la versi\u00f3n 7.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) enviando muchas peticiones duplicadas KEXINIT. NOTA: un tercero reporta que \"OpenSSH upstream no considera esto como un problema de seguridad\"." 
} ], "id": "CVE-2016-8858", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-09T11:59:00.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126\u0026r2=1.127\u0026f=h" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127\u0026content-type=text/x-cvsweb-markup" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/19/3" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/20/1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93776" 
}, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037057" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384860" }, { "source": "cve@mitre.org", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201612-18" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20180201-0001/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126\u0026r2=1.127\u0026f=h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127\u0026content-type=text/x-cvsweb-markup" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/19/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/20/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" 
], "url": "http://www.securityfocus.com/bid/93776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384860" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201612-18" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20180201-0001/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
gsd-2016-8858
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
Aliases
{ "GSD": { "alias": "CVE-2016-8858", "description": "** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "id": "GSD-2016-8858", "references": [ "https://www.suse.com/security/cve/CVE-2016-8858.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2016-8858" ], "details": "** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "id": "GSD-2016-8858", "modified": "2023-12-13T01:21:22.404511Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-8858", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "93776", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93776" }, { "name": "[oss-security] 20161020 Re: Re: CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/20/1" }, { "name": "https://security.netapp.com/advisory/ntap-20180201-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180201-0001/" }, { "name": "[oss-security] 20161019 CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/19/3" }, { "name": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126\u0026r2=1.127\u0026f=h", "refsource": "MISC", "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126\u0026r2=1.127\u0026f=h" }, { "name": "https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad" }, { "name": "https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig", "refsource": "MISC", "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig" }, { "name": "FreeBSD-SA-16:33", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc" }, { "name": "1037057", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037057" }, { "name": "GLSA-201612-18", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-18" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384860", "refsource": "MISC", 
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384860" }, { "name": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127\u0026content-type=text/x-cvsweb-markup", "refsource": "MISC", "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127\u0026content-type=text/x-cvsweb-markup" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "65A8629A-CFAE-4403-BEE7-622912483702", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "D0607649-62FE-41CB-9444-53CD9C5B67C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B0FB8D5-75CB-4691-AB9F-B4FA46973421", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "67E1B240-BD86-41D3-BAC1-96005CB31DEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2FC2BA97-6E7A-4AEF-8944-DB3AB8E14762", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5D3A31E-D785-406D-A8C8-FD122F4C9E38", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. 
NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"" }, { "lang": "es", "value": "** DISPUTADA ** La funci\u00f3n kex_input_kexinit en kex.c en OpenSSH 6.x y 7.x hasta la versi\u00f3n 7.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) enviando muchas peticiones duplicadas KEXINIT. NOTA: un tercero reporta que \"OpenSSH upstream no considera esto como un problema de seguridad\"." } ], "id": "CVE-2016-8858", "lastModified": "2024-04-11T00:56:27.250", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-12-09T11:59:00.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126\u0026r2=1.127\u0026f=h" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": 
"http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127\u0026content-type=text/x-cvsweb-markup" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/19/3" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/10/20/1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/93776" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037057" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384860" }, { "source": "cve@mitre.org", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201612-18" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20180201-0001/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }