openssh, pam_ssh_agent_auth security update

🗓️ 01 Dec 2021 19:19:31Reported by CentOS ProjectType

centos

centos🔗 lists.centos.org👁 445 Views

OpenSSH privilege escalation security updat

Reporter	Title	Published	Views	Family All 207
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities	19 Jun 202505:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to privilege escalation due to CVE-2021-41617	22 Jun 202210:25	–	ibm
IBM Security Bulletins	Security Bulletin: OpenSSH for IBM i is affected by CVE-2021-41617	1 Dec 202123:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSH affects IBM Integrated Analytics System (Sailfish) [CVE-2023-51385, CVE-2023-48795, CVE-2023-38408, CVE-2020-15778, CVE-2021-41617].	20 May 202509:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSH affects AIX (CVE-2021-41617)	18 May 202214:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Polkit, Node.js, OpenSSH, and Golang Go affect IBM Spectrum Protect Plus (CVE-2021-4034, CVE-2022-21681, CVE-2022-21680, CVE-2022-0235, CVE-2021-41617, CVE-2021-44716, CVE-2021-44717, 218243)	12 Mar 202201:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture is using components with known vulnerabilities	31 Mar 202214:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2019-10086, CVE-2021-41617)	23 Jun 202216:59	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSH affects IBM Integrated Analytics System	16 Feb 202210:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by Vulnerability in OpenSSH. (CVE-2021-41617)	7 Jul 202210:45	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
CentOS	7	x86_64	openssh	7.4p1-22.el7_9	openssh-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-askpass	7.4p1-22.el7_9	openssh-askpass-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-cavs	7.4p1-22.el7_9	openssh-cavs-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-clients	7.4p1-22.el7_9	openssh-clients-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-keycat	7.4p1-22.el7_9	openssh-keycat-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-ldap	7.4p1-22.el7_9	openssh-ldap-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-server	7.4p1-22.el7_9	openssh-server-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	x86_64	openssh-server-sysvinit	7.4p1-22.el7_9	openssh-server-sysvinit-7.4p1-22.el7_9.x86_64.rpm
CentOS	7	i686	pam_ssh_agent_auth	0.10.3-2.22.el7_9	pam_ssh_agent_auth-0.10.3-2.22.el7_9.i686.rpm
CentOS	7	x86_64	pam_ssh_agent_auth	0.10.3-2.22.el7_9	pam_ssh_agent_auth-0.10.3-2.22.el7_9.x86_64.rpm

Source	Link
twitter	www.twitter.com/centos
steadfast	www.steadfast.net/
linkedin	www.linkedin.com/groups/22405
youtube	www.youtube.com/TheCentOSProject
facebook	www.facebook.com/groups/centosproject/
access	www.access.redhat.com/errata/RHSA-2021:4782
reddit	www.reddit.com/r/CentOS/

01 Dec 2021 19:19Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.4

CVSS 3.17

EPSS0.02367

openssh privilege escalation security advisory