The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a no-touch-required extension in Permissions.Extensions from PublicKeyCallback.
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Crypto | Golang | * | 0.52.0 (excluding) |
| Red Hat Advanced Cluster Security for Kubernetes 4.10 | RedHat | advanced-cluster-security/rhacs-scanner-rhel8:1782891789 | * |
| Red Hat Advanced Cluster Security for Kubernetes 4.10 | RedHat | advanced-cluster-security/rhacs-scanner-slim-rhel8:1782891789 | * |
| Red Hat Advanced Cluster Security for Kubernetes 4.9 | RedHat | advanced-cluster-security/rhacs-scanner-rhel8:1782891812 | * |
| Red Hat Advanced Cluster Security for Kubernetes 4.9 | RedHat | advanced-cluster-security/rhacs-scanner-slim-rhel8:1782891812 | * |
| Red Hat Advanced Cluster Security for Kubernetes 4.9 | RedHat | advanced-cluster-security/rhacs-scanner-v4-rhel8:1783357116 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/cephcsi-rhel9:1782932114 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/cephcsi-rhel9-operator:1782931768 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/devicefinder-rhel9:1782932104 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/mcg-core-rhel9:1783536000 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/mcg-rhel9-operator:1783535989 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/ocs-client-console-rhel9:1783536515 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/ocs-client-rhel9-operator:1782932521 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/ocs-metrics-exporter-rhel9:1783018461 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/ocs-rhel9-operator:1783018421 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-blackbox-exporter-rhel9:1782932812 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-cli-rhel9:1783537001 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-cloudnative-pg-rhel9-operator:1782932919 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-console-rhel9:1783537586 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-cosi-sidecar-rhel9:1782932969 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-csi-addons-rhel9-operator:1782933015 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-csi-addons-sidecar-rhel9:1782933042 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-drbd-rhel9:1783537392 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-external-snapshotter-rhel9-operator:1782933235 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-external-snapshotter-sidecar-rhel9:1782933251 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-multicluster-console-rhel9:1783537955 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-multicluster-rhel9-operator:1782933417 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-must-gather-rhel9:1783537742 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odf-rhel9-operator:1782933602 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odr-rhel9-operator:1783019377 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odr-volsync-plugin-mover-rhel9:1782934054 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/odr-volsync-plugin-rhel9-operator:1782934036 | * |
| Red Hat Openshift Data Foundation 4.22 | RedHat | odf4/rook-ceph-rhel9-operator:1782934284 | * |
| Golang-go.crypto | Ubuntu | esm-apps/focal | * |
| Golang-go.crypto | Ubuntu | esm-apps/jammy | * |
| Golang-go.crypto | Ubuntu | esm-apps/noble | * |
| Golang-go.crypto | Ubuntu | esm-apps/resolute | * |
| Golang-go.crypto | Ubuntu | jammy | * |
| Golang-go.crypto | Ubuntu | noble | * |
| Golang-go.crypto | Ubuntu | questing | * |
| Golang-go.crypto | Ubuntu | resolute | * |
| Golang-go.crypto | Ubuntu | upstream | * |
| Google-guest-agent | Ubuntu | esm-apps-legacy/xenial | * |
| Google-guest-agent | Ubuntu | esm-apps/bionic | * |
| Google-guest-agent | Ubuntu | esm-infra/focal | * |
| Google-guest-agent | Ubuntu | jammy | * |
| Google-guest-agent | Ubuntu | noble | * |
| Google-guest-agent | Ubuntu | questing | * |
| Google-guest-agent | Ubuntu | resolute | * |
| Lxd | Ubuntu | esm-infra-legacy/xenial | * |
| Lxd | Ubuntu | esm-infra/bionic | * |
| Snapd | Ubuntu | questing | * |