CVE search results

1 – 10 of 83 results

Detailed view

Sort by:

CVE-2024-7589

Medium priority

Not affected

A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Not affected	Not affected	Not affected	Not affected	Not affected
openssh-ssh1	Not affected	Not affected	Not affected	Not affected	—

CVE-2024-6409

Medium priority

Not affected

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Not affected	Not affected	Not affected	Not affected	Not affected
openssh-ssh1	Not affected	Not affected	Not affected	Not affected	—

CVE-2024-39894

Medium priority

Fixed

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Fixed	Not affected	Not affected	Not affected	Not affected
openssh-ssh1	Not affected	Not affected	Not affected	Not affected	—

CVE-2024-6387

High priority

Fixed

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Fixed	Fixed	Not affected	Not affected	Not affected
openssh-ssh1	Not affected	Not affected	Not affected	Not affected	—

CVE-2023-51767

Medium priority

Ignored

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE:...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	—	Ignored	Ignored	Ignored	Ignored
openssh-ssh1	—	Ignored	Ignored	Ignored	Not in release

CVE-2023-51385

Medium priority

Some fixes available 7 of 14

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Fixed	Fixed	Fixed	Fixed	Fixed
openssh-ssh1	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Not in release

CVE-2023-51384

Medium priority

Some fixes available 4 of 10

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Fixed	Fixed	Not affected	Not affected	Not affected
openssh-ssh1	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release

CVE-2023-48795

Medium priority

Some fixes available 22 of 76

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...

13 affected packages

dropbear, filezilla, golang-go.crypto, libssh, libssh2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
dropbear	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
filezilla	Fixed	Fixed	Fixed	Not affected	Not affected
golang-go.crypto	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libssh	Not affected	Fixed	Fixed	Not affected	Not affected
libssh2	Not affected	Not affected	Not affected	Not affected	Not affected
lxd	Not in release	Not in release	Not affected	Fixed	Fixed
openssh	Fixed	Fixed	Fixed	Fixed	Fixed
openssh-ssh1	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
paramiko	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
proftpd-dfsg	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
putty	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
python-asyncssh	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
snapd	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2023-38408

Medium priority

Some fixes available 8 of 16

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not...

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	Fixed	Fixed	Fixed	Fixed	Fixed
openssh-ssh1	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release

CVE-2023-28531

Low priority

Some fixes available 2 of 3

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

2 affected packages

openssh, openssh-ssh1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openssh	—	Fixed	Not affected	Not affected	Not affected
openssh-ssh1	—	Not affected	Not affected	Not affected	Not in release

Export to JSON

Results by page:

Search CVE reports