ELA-925-1 openssh security update

remote code execution

2023-08-18
Package: openssh
Version: 1:6.7p1-5+deb8u9 (jessie), 1:7.4p1-10+deb9u8 (stretch)
Related CVEs: CVE-2023-38408


A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent).

This flaw allows an attacker with control of the forwarded agent-socket on the server and the ability to write to the filesystem of the client host to execute arbitrary code with the privileges of the user running the ssh-agent.
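As a defender-side check related to the exposure described above, the following is an added example (not Debian's or OpenSSH's own code) that audits an OpenSSH client configuration for hosts that receive agent forwarding; the sample config, host names and the helper name forwarding_hosts are constructed for this illustration.

```python
"""Audit an ssh_config for hosts that get ForwardAgent enabled.

Agent forwarding hands the remote host a socket to the local ssh-agent, which
is exactly the exposure described in the advisory, so listing where it is
enabled is a useful check before and after upgrading. Added example, not
Debian's or OpenSSH's code. Understands `Key value` and `Key=value` lines,
Host blocks and the global section; Match blocks are reported separately
because their criteria cannot be resolved statically.
"""
import re

# Constructed sample ssh_config; not taken from any real system.
SAMPLE_CONFIG = """
# global defaults
ForwardAgent no

Host bastion.example.org
    ForwardAgent yes
    User deploy

Host *.lab.example.org
    ForwardAgent=yes

Host untrusted-box
    ForwardAgent no

Match user root
    ForwardAgent yes
"""

# keyword, then either '=' or whitespace, then the value
_KV = re.compile(r"^\s*([A-Za-z]+)\s*(?:=|\s)\s*(.+?)\s*$")


def forwarding_hosts(config_text):
    """Return (hosts, match_blocks): Host patterns with ForwardAgent yes,
    and the Match criteria under which ForwardAgent yes is set."""
    section = ("global", "")  # one of ("global"|"host"|"match", pattern)
    hosts, matches = [], []
    for raw in config_text.splitlines():
        m = _KV.match(raw.split("#", 1)[0])  # drop comments, then parse
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key == "host":
            section = ("host", value)
        elif key == "match":
            section = ("match", value)
        elif key == "forwardagent" and value.lower() == "yes":
            if section[0] == "host":
                hosts.append(section[1])
            elif section[0] == "match":
                matches.append(section[1])
            else:
                hosts.append("*")  # global ForwardAgent yes covers every host
    return hosts, matches


if __name__ == "__main__":
    found, under_match = forwarding_hosts(SAMPLE_CONFIG)
    for pattern in found:
        print("agent forwarded to hosts matching:", pattern)
    for criteria in under_match:
        print("agent forwarded under Match:", criteria)
```

Run it against a real file with `forwarding_hosts(open("~/.ssh/config").read())` after expanding the path; every pattern it prints names a host that can reach the local ssh-agent.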
For Debian 8 jessie, this problem has been fixed in version 1:6.7p1-5+deb8u9.

For Debian 9 stretch, this problem has been fixed in version 1:7.4p1-10+deb9u8.

We recommend that you upgrade your openssh packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.