CVE Vulnerabilities

CVE-2023-51384

Published: Dec 18, 2023 | Modified: Nov 21, 2024
CVSS 3.x: 5.5 MEDIUM
Source: NVD
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3: 5.5 LOW
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Ubuntu: MEDIUM

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Affected Software

Name          Vendor    Start Version         End Version
Openssh       Openbsd   8.9 (including)       9.6 (excluding)
Openssh       Ubuntu    bionic                *
Openssh       Ubuntu    devel                 *
Openssh       Ubuntu    fips-preview/jammy    *
Openssh       Ubuntu    fips-updates/jammy    *
Openssh       Ubuntu    jammy                 *
Openssh       Ubuntu    lunar                 *
Openssh       Ubuntu    mantic                *
Openssh       Ubuntu    noble                 *
Openssh       Ubuntu    oracular              *
Openssh       Ubuntu    trusty                *
Openssh       Ubuntu    upstream              *
Openssh       Ubuntu    xenial                *
Openssh-ssh1  Ubuntu    bionic                *
Openssh-ssh1  Ubuntu    lunar                 *
Openssh-ssh1  Ubuntu    mantic                *
Openssh-ssh1  Ubuntu    upstream              *

References