people.canonical.com
91.189.89.62  Public Scan

URL: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-41617
Submission: On March 17 via api from IL — Scanned from GB

Form analysis 0 forms found in the DOM

Text Content

Ubuntu CVE Tracker

CVE-2021-41617

Priority
Low

Description
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default
configurations are used, allows privilege escalation because supplemental
groups are not initialized as expected. Helper programs for
AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with
privileges associated with group memberships of the sshd process, if the
configuration specifies running the command as a different user.

References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.openssh.com/txt/release-8.8
https://www.openssh.com/security.html

Bugs
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
https://bugzilla.suse.com/show_bug.cgi?id=1190975

Notes

seth-arnold: openssh-ssh1 is provided for compatibility with old devices that
cannot be upgraded to modern protocols. Thus we may not provide security
support for this package if doing so would prevent access to equipment.
mdeslaur: Only applies to non-default configurations where
AuthorizedKeysCommand or AuthorizedPrincipalsCommand are used.
sespiros: Cannot reproduce since sshd for all releases drops supplementary
groups early when it starts with setgroups(0, NULL).

Package
Source: openssh (LP Ubuntu Debian)

Upstream: released (8.8)
Ubuntu 18.04 LTS (Bionic Beaver): needed
Ubuntu 16.04 FIPS Compliant (Xenial Xerus): needed
Ubuntu 20.04 LTS (Focal Fossa): needed
Ubuntu 16.04 FIPS Certified (Xenial Xerus): needed
Ubuntu 21.10 (Impish Indri): needed
Ubuntu 16.04 ESM (Xenial Xerus): needed
Ubuntu 18.04 FIPS Certified (Bionic Beaver): needed
Ubuntu 20.04 FIPS Certified (Focal Fossa): needed
Ubuntu 18.04 FIPS Compliant (Bionic Beaver): needed
Ubuntu 14.04 ESM (Trusty Tahr): needed
Ubuntu 20.04 FIPS Compliant (Focal Fossa): needed

Patches:

Upstream: https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455
Upstream: https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde

Package
Source: openssh-ssh1 (LP Ubuntu Debian)

Upstream: ignored (frozen on openssh 7.5p)
Ubuntu 18.04 LTS (Bionic Beaver): needed
Ubuntu 20.04 LTS (Focal Fossa): needed
Ubuntu 21.10 (Impish Indri): needed
Ubuntu 14.04 ESM (Trusty Tahr): DNE

Patches:



More Information
 * Mitre
 * NVD
 * Launchpad
 * Debian

Updated: 2022-03-16 20:14:38 UTC (commit 445b1afa62854500e87e0b41e132553415252c73)

© Canonical Ltd. 2007-2022