CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
27.7%
Issue Overview:
A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited groups may allow AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain unintended privileges, potentially leading to local privilege escalation. (CVE-2021-41617)
Affected Packages:
openssh
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update openssh to update your system.
New Packages:
aarch64:
openssh-7.4p1-22.amzn2.0.1.aarch64
openssh-clients-7.4p1-22.amzn2.0.1.aarch64
openssh-server-7.4p1-22.amzn2.0.1.aarch64
openssh-server-sysvinit-7.4p1-22.amzn2.0.1.aarch64
openssh-ldap-7.4p1-22.amzn2.0.1.aarch64
openssh-keycat-7.4p1-22.amzn2.0.1.aarch64
openssh-askpass-7.4p1-22.amzn2.0.1.aarch64
openssh-cavs-7.4p1-22.amzn2.0.1.aarch64
pam_ssh_agent_auth-0.10.3-2.22.amzn2.0.1.aarch64
openssh-debuginfo-7.4p1-22.amzn2.0.1.aarch64
i686:
openssh-7.4p1-22.amzn2.0.1.i686
openssh-clients-7.4p1-22.amzn2.0.1.i686
openssh-server-7.4p1-22.amzn2.0.1.i686
openssh-server-sysvinit-7.4p1-22.amzn2.0.1.i686
openssh-ldap-7.4p1-22.amzn2.0.1.i686
openssh-keycat-7.4p1-22.amzn2.0.1.i686
openssh-askpass-7.4p1-22.amzn2.0.1.i686
openssh-cavs-7.4p1-22.amzn2.0.1.i686
pam_ssh_agent_auth-0.10.3-2.22.amzn2.0.1.i686
openssh-debuginfo-7.4p1-22.amzn2.0.1.i686
src:
openssh-7.4p1-22.amzn2.0.1.src
x86_64:
openssh-7.4p1-22.amzn2.0.1.x86_64
openssh-clients-7.4p1-22.amzn2.0.1.x86_64
openssh-server-7.4p1-22.amzn2.0.1.x86_64
openssh-server-sysvinit-7.4p1-22.amzn2.0.1.x86_64
openssh-ldap-7.4p1-22.amzn2.0.1.x86_64
openssh-keycat-7.4p1-22.amzn2.0.1.x86_64
openssh-askpass-7.4p1-22.amzn2.0.1.x86_64
openssh-cavs-7.4p1-22.amzn2.0.1.x86_64
pam_ssh_agent_auth-0.10.3-2.22.amzn2.0.1.x86_64
openssh-debuginfo-7.4p1-22.amzn2.0.1.x86_64
Red Hat: CVE-2021-41617
Mitre: CVE-2021-41617
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
27.7%