FreeBSD -- ssh-add does not honor per-hop destination constraints

Problem Description: When using ssh-add1 to add smartcard keys to ssh-agent1 with per-hop destination constraints, a logic error prevented the constraints from being sent to the agent resulting in keys being added to the agent without constraints. Impact: A malicious server could leverage the key...

The vulnerability of SSH-agent’s identification keys in the OpenSSH cryptographic protection mechanism allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of SSH-agent’s identification keys in the OpenSSH encryption method is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

K000133517: OpenSSH vulnerability CVE-2023-28531

Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

OpenSSH < 9.3 Multiple Vulnerabilities

The version of OpenSSH installed on the remote host is prior to 9.3. It is, therefore, affected by multiple vulnerabilities as referenced in the release-9.3 advisory. - ssh-add1: when adding smartcard keys to ssh-agent1 with the per-hop destination constraints ssh-add -h ... added in OpenSSH 8.9,...

SUSE CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

CVE-2023-28531

A vulnerability was found in openssh. This issue occurs when adding smartcard keys to ssh-agent1 with per-hop destination constraints. A logic error prevented the constraints from being communicated to the agent, resulting in the keys being added without constraints. The common cases of...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling such that ssh-add method adds smartcard keys to ssh-agent without the intended per-hop destination constraints. Remediation A fix was pushed into the master branch but not yet...

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

AZL-25662 CVE-2023-28531 affecting package openssh for versions less than 8.9p1-5

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

ALPINE-CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

DEBIAN-CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

Code injection

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

UBUNTU-CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

CVE-2023-28531

CVE-2023-28531 affects OpenSSH: ssh-add adds smartcard keys to ssh-agent without the intended per‑hop destination constraints, starting from OpenSSH up to version 9.2.x and earliest affected 8.9. The issue is resolved in OpenSSH 9.3 and later. Remediation is upgrading to 9.3+ (or the distro patch...

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

PT-2023-2329

Name of the Vulnerable Software and Affected Versions OpenSSH versions 8.9 through 9.2 Description The issue is related to the use of memory after it has been freed in the ssh-agent of OpenSSH, which can allow a remote attacker to impact the confidentiality, integrity, and availability of protect...