this post was submitted on 19 Jul 2023
10 points (100.0% liked)

cybersecurity

3262 readers
11 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

Fix CVE-2023-38408 - a condition where specific libaries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met:

  • Exploitation requires the presence of specific libraries on the victim system.
  • Remote exploitation requires that the agent was forwarded to an attacker-controlled system.

In addition to removing the main precondition for exploitation, this release removes the ability for remote ssh-agent(1) clients to load PKCS#11 modules by default (see below).

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here