csaf_suse - suse-su-2025:20009-1

suse-su-2025:20009-1

Vulnerability from csaf_suse

Published

2025-02-03 08:47

Modified

2025-02-03 08:47

Summary

Security update for openssh

Notes

Title of the patch

Security update for openssh

Description of the patch

This update for openssh fixes the following issues: - CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318) - CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642).

Patchnames

SUSE-SLE-Micro-6.0-8

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for openssh",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for openssh fixes the following issues:\n\n- CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318)\n- CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-8",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20009-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20009-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520009-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20009-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021369.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1217950",
        "url": "https://bugzilla.suse.com/1217950"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218215",
        "url": "https://bugzilla.suse.com/1218215"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226642",
        "url": "https://bugzilla.suse.com/1226642"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227318",
        "url": "https://bugzilla.suse.com/1227318"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-48795 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-48795/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-51385 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-51385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-39894 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-39894/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6387 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6387/"
      }
    ],
    "title": "Security update for openssh",
    "tracking": {
      "current_release_date": "2025-02-03T08:47:06Z",
      "generator": {
        "date": "2025-02-03T08:47:06Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20009-1",
      "initial_release_date": "2025-02-03T08:47:06Z",
      "revision_history": [
        {
          "date": "2025-02-03T08:47:06Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-9.6p1-2.1.aarch64",
                  "product_id": "openssh-9.6p1-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-clients-9.6p1-2.1.aarch64",
                  "product_id": "openssh-clients-9.6p1-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-common-9.6p1-2.1.aarch64",
                  "product_id": "openssh-common-9.6p1-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-fips-9.6p1-2.1.aarch64",
                  "product_id": "openssh-fips-9.6p1-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-server-9.6p1-2.1.aarch64",
                  "product_id": "openssh-server-9.6p1-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-9.6p1-2.1.s390x",
                  "product_id": "openssh-9.6p1-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-clients-9.6p1-2.1.s390x",
                  "product_id": "openssh-clients-9.6p1-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-common-9.6p1-2.1.s390x",
                  "product_id": "openssh-common-9.6p1-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-fips-9.6p1-2.1.s390x",
                  "product_id": "openssh-fips-9.6p1-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-server-9.6p1-2.1.s390x",
                  "product_id": "openssh-server-9.6p1-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-9.6p1-2.1.x86_64",
                  "product_id": "openssh-9.6p1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-clients-9.6p1-2.1.x86_64",
                  "product_id": "openssh-clients-9.6p1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-common-9.6p1-2.1.x86_64",
                  "product_id": "openssh-common-9.6p1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-fips-9.6p1-2.1.x86_64",
                  "product_id": "openssh-fips-9.6p1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-server-9.6p1-2.1.x86_64",
                  "product_id": "openssh-server-9.6p1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-clients-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-clients-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-clients-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-common-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-common-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-common-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-fips-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-fips-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-fips-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-server-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-server-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-server-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-48795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-48795",
          "url": "https://www.suse.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217950 for CVE-2023-48795",
          "url": "https://bugzilla.suse.com/1217950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218708 for CVE-2023-48795",
          "url": "https://bugzilla.suse.com/1218708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:47:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-51385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-51385",
          "url": "https://www.suse.com/security/cve/CVE-2023-51385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218215 for CVE-2023-51385",
          "url": "https://bugzilla.suse.com/1218215"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218708 for CVE-2023-51385",
          "url": "https://bugzilla.suse.com/1218708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:47:06Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2024-39894",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-39894"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-39894",
          "url": "https://www.suse.com/security/cve/CVE-2024-39894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227318 for CVE-2024-39894",
          "url": "https://bugzilla.suse.com/1227318"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:47:06Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-39894"
    },
    {
      "cve": "CVE-2024-6387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
          "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6387",
          "url": "https://www.suse.com/security/cve/CVE-2024-6387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226641 for CVE-2024-6387",
          "url": "https://bugzilla.suse.com/1226641"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226642 for CVE-2024-6387",
          "url": "https://bugzilla.suse.com/1226642"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
            "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:47:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6387"
    }
  ]
}

CVE-2024-39894 (GCVE-0-2024-39894)

Vulnerability from cvelistv5

Published

2024-07-02 00:00

Modified

2025-01-29 22:04

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.

References

►

URL

Tags

	https://www.openssh.com/txt/release-9.8
	https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
	https://www.openwall.com/lists/oss-security/2024/07/02/1
	http://www.openwall.com/lists/oss-security/2024/07/03/6	mailing-list
	https://security.netapp.com/advisory/ntap-20240712-0004/
	http://www.openwall.com/lists/oss-security/2024/07/23/4	mailing-list
	http://www.openwall.com/lists/oss-security/2024/07/23/6	mailing-list
	http://www.openwall.com/lists/oss-security/2024/07/28/3	mailing-list
	https://crzphil.github.io/posts/ssh-obfuscation-bypass/
	https://news.ycombinator.com/item?id=41508530

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:openbsd:openssh:9.5:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openssh",
            "vendor": "openbsd",
            "versions": [
              {
                "lessThanOrEqual": "9.7",
                "status": "affected",
                "version": "9.5",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-39894",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-03T13:15:38.073610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-367",
                "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-03T13:15:54.538Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-29T22:04:16.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-25:01.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2024/07/02/1"
          },
          {
            "name": "[oss-security] 20240703 Re: Announce: OpenSSH 9.8 released",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240712-0004/"
          },
          {
            "name": "[oss-security] 20240723 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
          },
          {
            "name": "[oss-security] 20240723 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
          },
          {
            "name": "[oss-security] 20240728 Re: Announce: OpenSSH 9.8 released",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T15:12:12.186Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.openssh.com/txt/release-9.8"
        },
        {
          "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/07/02/1"
        },
        {
          "name": "[oss-security] 20240703 Re: Announce: OpenSSH 9.8 released",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/03/6"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240712-0004/"
        },
        {
          "name": "[oss-security] 20240723 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
        },
        {
          "name": "[oss-security] 20240723 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
        },
        {
          "name": "[oss-security] 20240728 Re: Announce: OpenSSH 9.8 released",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
        },
        {
          "url": "https://crzphil.github.io/posts/ssh-obfuscation-bypass/"
        },
        {
          "url": "https://news.ycombinator.com/item?id=41508530"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-39894",
    "datePublished": "2024-07-02T00:00:00.000Z",
    "dateReserved": "2024-07-02T00:00:00.000Z",
    "dateUpdated": "2025-01-29T22:04:16.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6387 (GCVE-0-2024-6387)

Vulnerability from cvelistv5

Published

2024-07-01 12:37

Modified

2025-07-24 13:11

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-364 - Signal Handler Race Condition

Summary

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:4312	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4340	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4389	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4469	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4474	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4479	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4484	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-6387	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2294604	issue-tracking, x_refsource_REDHAT
	https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
	https://www.openssh.com/txt/release-9.8
	https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

Impacted products

Vendor

Product

Version

►

Version: 8.5p1 <

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 < * cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 < * cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:8.7p1-12.el9_0.1 < * cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:8.7p1-30.el9_2.4 < * cpe:/o:redhat:rhel_eus:9.2::baseos cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 413.92.202407091321-0 < * cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 414.92.202407091253-0 < * cpe:/a:redhat:openshift:4.14::el9 cpe:/a:redhat:openshift:4.14::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 415.92.202407091355-0 < * cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 416.94.202407081958-0 < * cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat Ceph Storage 5	cpe:/a:redhat:ceph_storage:5
Red Hat	Red Hat Ceph Storage 6	cpe:/a:redhat:ceph_storage:6
Red Hat	Red Hat Ceph Storage 7	cpe:/a:redhat:ceph_storage:7
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6387",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T13:18:34.695298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T13:18:46.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-24T18:35:27.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
          },
          {
            "url": "https://www.exploit-db.com/exploits/52269"
          },
          {
            "url": "https://packetstorm.news/files/id/190587/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          },
          {
            "name": "RHSA-2024:4312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4312"
          },
          {
            "name": "RHSA-2024:4340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4340"
          },
          {
            "name": "RHSA-2024:4389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4389"
          },
          {
            "name": "RHSA-2024:4469",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4469"
          },
          {
            "name": "RHSA-2024:4474",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4474"
          },
          {
            "name": "RHSA-2024:4479",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4479"
          },
          {
            "name": "RHSA-2024:4484",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4484"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
          },
          {
            "name": "RHBZ#2294604",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/AlmaLinux/updates/issues/629"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/4379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/azurelinux/issues/9555"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oracle/oracle-linux/issues/149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/issues/87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/zgzhang/cve-2024-6387-poc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=40843778"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6859-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214119"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214118"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.7p1",
              "status": "affected",
              "version": "8.5p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-12.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-30.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202407091321-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407091253-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407091355-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202407081958-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-01T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T13:11:10.801Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4312"
        },
        {
          "name": "RHSA-2024:4340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4340"
        },
        {
          "name": "RHSA-2024:4389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4389"
        },
        {
          "name": "RHSA-2024:4469",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4469"
        },
        {
          "name": "RHSA-2024:4474",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4474"
        },
        {
          "name": "RHSA-2024:4479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4479"
        },
        {
          "name": "RHSA-2024:4484",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4484"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
        },
        {
          "name": "RHBZ#2294604",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
        },
        {
          "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.8"
        },
        {
          "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-27T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-01T08:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: regresshion - race condition in ssh allows rce/dos",
      "workarounds": [
        {
          "lang": "en",
          "value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
        }
      ],
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6387",
    "datePublished": "2024-07-01T12:37:25.431Z",
    "dateReserved": "2024-06-27T13:41:03.421Z",
    "dateUpdated": "2025-07-24T13:11:10.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-51385 (GCVE-0-2023-51385)

Vulnerability from cvelistv5

Published

2023-12-18 00:00

Modified

2024-08-02 22:32

Severity ?

CWE

Summary

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

References

►

URL

Tags

	https://www.openssh.com/txt/release-9.6
	https://www.openwall.com/lists/oss-security/2023/12/18/2
	https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
	https://www.debian.org/security/2023/dsa-5586	vendor-advisory
	https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
	https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html	mailing-list
	http://www.openwall.com/lists/oss-security/2023/12/26/4	mailing-list
	https://security.gentoo.org/glsa/202312-17	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240105-0005/
	https://support.apple.com/kb/HT214084
	http://seclists.org/fulldisclosure/2024/Mar/21	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:09.069Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a"
          },
          {
            "name": "DSA-5586",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5586"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html"
          },
          {
            "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
          },
          {
            "name": "[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4"
          },
          {
            "name": "GLSA-202312-17",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240105-0005/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214084"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T21:08:08.727930",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.openssh.com/txt/release-9.6"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
        },
        {
          "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a"
        },
        {
          "name": "DSA-5586",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5586"
        },
        {
          "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html"
        },
        {
          "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
        },
        {
          "name": "[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4"
        },
        {
          "name": "GLSA-202312-17",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-17"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240105-0005/"
        },
        {
          "url": "https://support.apple.com/kb/HT214084"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-51385",
    "datePublished": "2023-12-18T00:00:00",
    "dateReserved": "2023-12-18T00:00:00",
    "dateUpdated": "2024-08-02T22:32:09.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48795 (GCVE-0-2023-48795)

Vulnerability from cvelistv5

Published

2023-12-18 00:00

Modified

2025-05-14 19:34

Severity ?

CWE

Summary

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

References

►

URL

Tags

	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
	https://matt.ucc.asn.au/dropbear/CHANGES
	https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
	https://www.netsarang.com/en/xshell-update-history/
	https://www.paramiko.org/changelog.html
	https://www.openssh.com/openbsd.html
	https://github.com/openssh/openssh-portable/commits/master
	https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
	https://www.bitvise.com/ssh-server-version-history
	https://github.com/ronf/asyncssh/tags
	https://gitlab.com/libssh/libssh-mirror/-/tags
	https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
	https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
	https://www.openssh.com/txt/release-9.6
	https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
	https://www.terrapin-attack.com
	https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
	https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
	https://thorntech.com/cve-2023-48795-and-sftp-gateway/
	https://github.com/warp-tech/russh/releases/tag/v0.40.2
	https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
	https://www.openwall.com/lists/oss-security/2023/12/18/2
	https://twitter.com/TrueSkrillor/status/1736774389725565005
	https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
	https://github.com/paramiko/paramiko/issues/2337
	https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
	https://news.ycombinator.com/item?id=38684904
	https://news.ycombinator.com/item?id=38685286
	http://www.openwall.com/lists/oss-security/2023/12/18/3	mailing-list
	https://github.com/mwiede/jsch/issues/457
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
	https://github.com/erlang/otp/releases/tag/OTP-26.2.1
	https://github.com/advisories/GHSA-45x7-px36-x8w8
	https://security-tracker.debian.org/tracker/source-package/libssh2
	https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
	https://security-tracker.debian.org/tracker/CVE-2023-48795
	https://bugzilla.suse.com/show_bug.cgi?id=1217950
	https://bugzilla.redhat.com/show_bug.cgi?id=2254210
	https://bugs.gentoo.org/920280
	https://ubuntu.com/security/CVE-2023-48795
	https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
	https://access.redhat.com/security/cve/cve-2023-48795
	https://github.com/mwiede/jsch/pull/461
	https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
	https://github.com/libssh2/libssh2/pull/1291
	https://forum.netgate.com/topic/184941/terrapin-ssh-attack
	https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
	https://github.com/rapier1/hpn-ssh/releases
	https://github.com/proftpd/proftpd/issues/456
	https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
	https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
	https://oryx-embedded.com/download/#changelog
	https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
	https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
	https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
	https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
	https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
	https://crates.io/crates/thrussh/versions
	https://github.com/NixOS/nixpkgs/pull/275249
	http://www.openwall.com/lists/oss-security/2023/12/19/5	mailing-list
	https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
	https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
	http://www.openwall.com/lists/oss-security/2023/12/20/3	mailing-list
	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
	https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
	https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
	https://github.com/apache/mina-sshd/issues/445
	https://github.com/hierynomus/sshj/issues/916
	https://github.com/janmojzis/tinyssh/issues/81
	https://www.openwall.com/lists/oss-security/2023/12/20/3
	https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
	https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/	vendor-advisory
	https://www.debian.org/security/2023/dsa-5586	vendor-advisory
	https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
	https://www.theregister.com/2023/12/20/terrapin_attack_ssh
	https://filezilla-project.org/versions.php
	https://nova.app/releases/#v11.8
	https://roumenpetrov.info/secsh/#news20231220
	https://www.vandyke.com/products/securecrt/history.txt
	https://help.panic.com/releasenotes/transmit5/
	https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
	https://github.com/PowerShell/Win32-OpenSSH/issues/2189
	https://winscp.net/eng/docs/history#6.2.2
	https://www.bitvise.com/ssh-client-version-history#933
	https://github.com/cyd01/KiTTY/issues/520
	https://www.debian.org/security/2023/dsa-5588	vendor-advisory
	https://github.com/ssh-mitm/ssh-mitm/issues/165
	https://news.ycombinator.com/item?id=38732005
	https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html	mailing-list
	https://security.gentoo.org/glsa/202312-16	vendor-advisory
	https://security.gentoo.org/glsa/202312-17	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240105-0004/
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/	vendor-advisory
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/	vendor-advisory
	https://support.apple.com/kb/HT214084
	http://seclists.org/fulldisclosure/2024/Mar/21	mailing-list
	https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html	mailing-list
	http://www.openwall.com/lists/oss-security/2024/04/17/8	mailing-list
	http://www.openwall.com/lists/oss-security/2024/03/06/3	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-14T19:34:00.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://matt.ucc.asn.au/dropbear/CHANGES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.netsarang.com/en/xshell-update-history/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.paramiko.org/changelog.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/openbsd.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openssh/openssh-portable/commits/master"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bitvise.com/ssh-server-version-history"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ronf/asyncssh/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.terrapin-attack.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/paramiko/paramiko/issues/2337"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38684904"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38685286"
          },
          {
            "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/issues/457"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/920280"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/pull/461"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libssh2/libssh2/pull/1291"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/releases"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/issues/456"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://oryx-embedded.com/download/#changelog"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://crates.io/crates/thrussh/versions"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/NixOS/nixpkgs/pull/275249"
          },
          {
            "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
          },
          {
            "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/mina-sshd/issues/445"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/hierynomus/sshj/issues/916"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/janmojzis/tinyssh/issues/81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
          },
          {
            "name": "FEDORA-2023-0733306be9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
          },
          {
            "name": "DSA-5586",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5586"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://filezilla-project.org/versions.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nova.app/releases/#v11.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://roumenpetrov.info/secsh/#news20231220"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.vandyke.com/products/securecrt/history.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.panic.com/releasenotes/transmit5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://winscp.net/eng/docs/history#6.2.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bitvise.com/ssh-client-version-history#933"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/cyd01/KiTTY/issues/520"
          },
          {
            "name": "DSA-5588",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5588"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38732005"
          },
          {
            "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
          },
          {
            "name": "GLSA-202312-16",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-16"
          },
          {
            "name": "GLSA-202312-17",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-17"
          },
          {
            "name": "FEDORA-2023-20feb865d8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
          },
          {
            "name": "FEDORA-2023-cb8c606fbb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
          },
          {
            "name": "FEDORA-2023-e77300e4b5",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
          },
          {
            "name": "FEDORA-2023-b87ec6cf47",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
          },
          {
            "name": "FEDORA-2023-153404713b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
          },
          {
            "name": "FEDORA-2024-3bb23c77f3",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
          },
          {
            "name": "FEDORA-2023-55800423a8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
          },
          {
            "name": "FEDORA-2024-d946b9ad25",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
          },
          {
            "name": "FEDORA-2024-71c2c6526c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
          },
          {
            "name": "FEDORA-2024-39a8c72ea9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
          },
          {
            "name": "FEDORA-2024-ae653fb07b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
          },
          {
            "name": "FEDORA-2024-2705241461",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
          },
          {
            "name": "FEDORA-2024-fb32950d11",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
          },
          {
            "name": "FEDORA-2024-7b08207cdb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
          },
          {
            "name": "FEDORA-2024-06ebb70bdd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
          },
          {
            "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
          },
          {
            "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
          },
          {
            "name": "FEDORA-2024-a53b24023d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
          },
          {
            "name": "FEDORA-2024-3fd1bc9276",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214084"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
          },
          {
            "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
          },
          {
            "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
          },
          {
            "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48795",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": ""
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-19T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-01T03:55:20.399Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T18:06:23.972Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
        },
        {
          "url": "https://matt.ucc.asn.au/dropbear/CHANGES"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
        },
        {
          "url": "https://www.netsarang.com/en/xshell-update-history/"
        },
        {
          "url": "https://www.paramiko.org/changelog.html"
        },
        {
          "url": "https://www.openssh.com/openbsd.html"
        },
        {
          "url": "https://github.com/openssh/openssh-portable/commits/master"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
        },
        {
          "url": "https://www.bitvise.com/ssh-server-version-history"
        },
        {
          "url": "https://github.com/ronf/asyncssh/tags"
        },
        {
          "url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
        },
        {
          "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
        },
        {
          "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.6"
        },
        {
          "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
        },
        {
          "url": "https://www.terrapin-attack.com"
        },
        {
          "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
        },
        {
          "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
        },
        {
          "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
        },
        {
          "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
        },
        {
          "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
        },
        {
          "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
        },
        {
          "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
        },
        {
          "url": "https://github.com/paramiko/paramiko/issues/2337"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38684904"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38685286"
        },
        {
          "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
        },
        {
          "url": "https://github.com/mwiede/jsch/issues/457"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
        },
        {
          "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
        },
        {
          "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "url": "https://bugs.gentoo.org/920280"
        },
        {
          "url": "https://ubuntu.com/security/CVE-2023-48795"
        },
        {
          "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
        },
        {
          "url": "https://access.redhat.com/security/cve/cve-2023-48795"
        },
        {
          "url": "https://github.com/mwiede/jsch/pull/461"
        },
        {
          "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
        },
        {
          "url": "https://github.com/libssh2/libssh2/pull/1291"
        },
        {
          "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
        },
        {
          "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
        },
        {
          "url": "https://github.com/rapier1/hpn-ssh/releases"
        },
        {
          "url": "https://github.com/proftpd/proftpd/issues/456"
        },
        {
          "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
        },
        {
          "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
        },
        {
          "url": "https://oryx-embedded.com/download/#changelog"
        },
        {
          "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
        },
        {
          "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
        },
        {
          "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
        },
        {
          "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
        },
        {
          "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
        },
        {
          "url": "https://crates.io/crates/thrussh/versions"
        },
        {
          "url": "https://github.com/NixOS/nixpkgs/pull/275249"
        },
        {
          "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
        },
        {
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
        },
        {
          "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
        },
        {
          "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
        },
        {
          "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
        },
        {
          "url": "https://github.com/apache/mina-sshd/issues/445"
        },
        {
          "url": "https://github.com/hierynomus/sshj/issues/916"
        },
        {
          "url": "https://github.com/janmojzis/tinyssh/issues/81"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
        },
        {
          "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
        },
        {
          "name": "FEDORA-2023-0733306be9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
        },
        {
          "name": "DSA-5586",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5586"
        },
        {
          "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
        },
        {
          "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
        },
        {
          "url": "https://filezilla-project.org/versions.php"
        },
        {
          "url": "https://nova.app/releases/#v11.8"
        },
        {
          "url": "https://roumenpetrov.info/secsh/#news20231220"
        },
        {
          "url": "https://www.vandyke.com/products/securecrt/history.txt"
        },
        {
          "url": "https://help.panic.com/releasenotes/transmit5/"
        },
        {
          "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
        },
        {
          "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
        },
        {
          "url": "https://winscp.net/eng/docs/history#6.2.2"
        },
        {
          "url": "https://www.bitvise.com/ssh-client-version-history#933"
        },
        {
          "url": "https://github.com/cyd01/KiTTY/issues/520"
        },
        {
          "name": "DSA-5588",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5588"
        },
        {
          "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38732005"
        },
        {
          "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
        },
        {
          "name": "GLSA-202312-16",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-16"
        },
        {
          "name": "GLSA-202312-17",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-17"
        },
        {
          "name": "FEDORA-2023-20feb865d8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
        },
        {
          "name": "FEDORA-2023-cb8c606fbb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
        },
        {
          "name": "FEDORA-2023-e77300e4b5",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
        },
        {
          "name": "FEDORA-2023-b87ec6cf47",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
        },
        {
          "name": "FEDORA-2023-153404713b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
        },
        {
          "name": "FEDORA-2024-3bb23c77f3",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
        },
        {
          "name": "FEDORA-2023-55800423a8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
        },
        {
          "name": "FEDORA-2024-d946b9ad25",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
        },
        {
          "name": "FEDORA-2024-71c2c6526c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
        },
        {
          "name": "FEDORA-2024-39a8c72ea9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
        },
        {
          "name": "FEDORA-2024-ae653fb07b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
        },
        {
          "name": "FEDORA-2024-2705241461",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
        },
        {
          "name": "FEDORA-2024-fb32950d11",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
        },
        {
          "name": "FEDORA-2024-7b08207cdb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
        },
        {
          "name": "FEDORA-2024-06ebb70bdd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
        },
        {
          "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
        },
        {
          "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
        },
        {
          "name": "FEDORA-2024-a53b24023d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
        },
        {
          "name": "FEDORA-2024-3fd1bc9276",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
        },
        {
          "url": "https://support.apple.com/kb/HT214084"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
        },
        {
          "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
        },
        {
          "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
        },
        {
          "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-48795",
    "datePublished": "2023-12-18T00:00:00.000Z",
    "dateReserved": "2023-11-20T00:00:00.000Z",
    "dateUpdated": "2025-05-14T19:34:00.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2025:20009-1

Vulnerability from csaf_suse

CVE-2024-39894 (GCVE-0-2024-39894)

Vulnerability from cvelistv5

CVE-2024-6387 (GCVE-0-2024-6387)

Vulnerability from cvelistv5

CVE-2023-51385 (GCVE-0-2023-51385)

Vulnerability from cvelistv5

CVE-2023-48795 (GCVE-0-2023-48795)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature