CVE-2023-38408 - critical vulnerability affecting OpenSSH versions prior to 9.3.2p2

  • CVE-2023-38408 - critical vulnerability affecting OpenSSH versions prior to 9.3.2p2

    A hosting client of ours has drawn our attention to CVE-2023-38408, first reported 19th Aug 2023



    Our shared hosting server is running CloudLinux v.8.10, with OpenSSH 8.0p1

    A 'dnf update' doesn't upgrade OpenSSH any higher than 8.0p1.

    Are there any plans for the CL Networking to make an OpenSSH 9.3.2p2 or higher available soon?

    Thanks!

  • Answer selected by bogdan.sh at 10-14-2024, 07:34 AM.

    I found the answer:

    If you run the rpm changelog command, you will find that the OpenSSH version 8.0p1-18 resolves the vulnerability CVE-2023-38408:

    ===============================================
    rpm --query --changelog openssh

    * Thu Jul 20 2023 Dmitry Belyavskiy - 8.0p1-18
    - Avoid remote code execution in ssh-agent PKCS#11 support
    Resolves: CVE-2023-38408
    ===============================================

    We're running openssh-8.0p1-25.el8_10.x86_64
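
The changelog check from the answer above, scripted so it can be repeated for any package and CVE. This is an added example, not part of the original thread; the function names and the sample changelog (the entry quoted above plus two constructed placeholder entries) are assumptions.

```shell
#!/bin/sh
# cve_fix_release CVE-ID
# Reads `rpm --query --changelog <pkg>` text on stdin and prints the
# version-release of the oldest changelog entry that mentions CVE-ID.
# Returns 1 (and prints nothing) when no entry mentions it.
cve_fix_release() {
    awk -v cve="$1" '
        BEGIN { re = cve "([^0-9]|$)" }   # do not match a longer CVE number
        /^\* / { rel = $NF }              # entry header ends with version-release
        $0 ~ re && rel != "" { found = rel }
        # rpm lists entries newest first, so the last match is the oldest one
        END { if (found == "") exit 1; print found }
    '
}

# Constructed sample input: the middle entry is the one quoted in the thread,
# the other two are placeholders made up for this example.
sample_changelog() {
    cat <<'EOF'
* Mon Jan 01 2024 Example Packager - 8.0p1-20
- Constructed entry: unrelated change

* Thu Jul 20 2023 Dmitry Belyavskiy - 8.0p1-18
- Avoid remote code execution in ssh-agent PKCS#11 support
  Resolves: CVE-2023-38408

* Mon Jan 02 2023 Example Packager - 8.0p1-17
- Constructed entry: unrelated change
EOF
}

# Demo on the sample. On a live host, feed the installed package instead:
#   rpm --query --changelog openssh | cve_fix_release CVE-2023-38408
sample_changelog | cve_fix_release CVE-2023-38408
```

Because the changelog queried is that of the installed package, any output means the installed build already carries the backported fix, whatever the upstream version string says.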

      • #3
        You are absolutely right! Thanks for getting back and posting the answer.
