CVE-2021-41617

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

Affected Software

Name	Vendor	Start Version	End Version
Openssh	Openbsd	6.2 (including)	8.8 (excluding)
Red Hat Enterprise Linux 7	RedHat	openssh-0:7.4p1-22.el7_9	*
Red Hat Enterprise Linux 8	RedHat	openssh-0:8.0p1-13.el8	*
Red Hat Enterprise Linux 8	RedHat	openssh-0:8.0p1-13.el8	*
Openssh	Ubuntu	bionic	*
Openssh	Ubuntu	esm-infra-legacy/trusty	*
Openssh	Ubuntu	esm-infra/bionic	*
Openssh	Ubuntu	esm-infra/xenial	*
Openssh	Ubuntu	fips-updates/bionic	*
Openssh	Ubuntu	fips-updates/focal	*
Openssh	Ubuntu	fips-updates/xenial	*
Openssh	Ubuntu	fips/bionic	*
Openssh	Ubuntu	fips/focal	*
Openssh	Ubuntu	fips/xenial	*
Openssh	Ubuntu	focal	*
Openssh	Ubuntu	hirsute	*
Openssh	Ubuntu	impish	*
Openssh	Ubuntu	trusty	*
Openssh	Ubuntu	trusty/esm	*
Openssh	Ubuntu	upstream	*
Openssh	Ubuntu	xenial	*
Openssh-ssh1	Ubuntu	bionic	*
Openssh-ssh1	Ubuntu	devel	*
Openssh-ssh1	Ubuntu	esm-apps/bionic	*
Openssh-ssh1	Ubuntu	esm-apps/focal	*
Openssh-ssh1	Ubuntu	esm-apps/jammy	*
Openssh-ssh1	Ubuntu	esm-apps/noble	*
Openssh-ssh1	Ubuntu	focal	*
Openssh-ssh1	Ubuntu	hirsute	*
Openssh-ssh1	Ubuntu	impish	*
Openssh-ssh1	Ubuntu	jammy	*
Openssh-ssh1	Ubuntu	kinetic	*
Openssh-ssh1	Ubuntu	lunar	*
Openssh-ssh1	Ubuntu	mantic	*
Openssh-ssh1	Ubuntu	noble	*
Openssh-ssh1	Ubuntu	oracular	*
Openssh-ssh1	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-41617
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References