Lucene search

K
redhatRedHatRHSA-2024:0429
HistoryJan 24, 2024 - 2:40 p.m.

(RHSA-2024:0429) Moderate: openssh security update

2024-01-2414:40:32
access.redhat.com
14
openssh
ssh protocol
linux
unix
security update
command injection
shell metacharacters
cve-2023-48795
cve-2023-51385

7.9 High

AI Score

Confidence

High

0.962 High

EPSS

Percentile

99.5%

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

  • ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)

  • openssh: potential command injection via shell metacharacters (CVE-2023-51385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.