SUSE update for openssh



Published: 2021-12-06
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-41617
CWE-ID CWE-269
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		SUSE MicroOS
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Desktop Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Basesystem
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Server Applications
Operating systems & Components / Operating system

openssh-helpers-debuginfo
Operating systems & Components / Operating system package or component

openssh-helpers
Operating systems & Components / Operating system package or component

openssh-askpass-gnome-debugsource
Operating systems & Components / Operating system package or component

openssh-askpass-gnome-debuginfo
Operating systems & Components / Operating system package or component

openssh-askpass-gnome
Operating systems & Components / Operating system package or component

openssh-server-debuginfo
Operating systems & Components / Operating system package or component

openssh-server
Operating systems & Components / Operating system package or component

openssh-fips
Operating systems & Components / Operating system package or component

openssh-debugsource
Operating systems & Components / Operating system package or component

openssh-debuginfo
Operating systems & Components / Operating system package or component

openssh-common-debuginfo
Operating systems & Components / Operating system package or component

openssh-common
Operating systems & Components / Operating system package or component

openssh-clients-debuginfo
Operating systems & Components / Operating system package or component

openssh-clients
Operating systems & Components / Operating system package or component

openssh
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper Privilege Management

EUVDB-ID: #VU58333

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-41617

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management in sshd, when certain non-default configurations are used, because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. A local user can escalate privileges on the system.

Mitigation

Update the affected package openssh to the latest version.

Vulnerable software versions

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Desktop Applications: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

SUSE Linux Enterprise Module for Server Applications: 15-SP3

openssh-helpers-debuginfo: before 8.4p1-3.6.1

openssh-helpers: before 8.4p1-3.6.1

openssh-askpass-gnome-debugsource: before 8.4p1-3.6.1

openssh-askpass-gnome-debuginfo: before 8.4p1-3.6.1

openssh-askpass-gnome: before 8.4p1-3.6.1

openssh-server-debuginfo: before 8.4p1-3.6.1

openssh-server: before 8.4p1-3.6.1

openssh-fips: before 8.4p1-3.6.1

openssh-debugsource: before 8.4p1-3.6.1

openssh-debuginfo: before 8.4p1-3.6.1

openssh-common-debuginfo: before 8.4p1-3.6.1

openssh-common: before 8.4p1-3.6.1

openssh-clients-debuginfo: before 8.4p1-3.6.1

openssh-clients: before 8.4p1-3.6.1

openssh: before 8.4p1-3.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2021/suse-su-20213950-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###