From 6fa799e1aad28b98d7e9b01c4c6ab109e491720d Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Thu, 20 Jul 2023 12:02:42 +0200 Subject: [PATCH] Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408 --- openssh-9.3p1-upstream-cve-2023-38408.patch | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 openssh-9.3p1-upstream-cve-2023-38408.patch diff --git a/openssh-9.3p1-upstream-cve-2023-38408.patch b/openssh-9.3p1-upstream-cve-2023-38408.patch new file mode 100644 index 0000000..5632ba1 --- /dev/null +++ b/openssh-9.3p1-upstream-cve-2023-38408.patch @@ -0,0 +1,17 @@ +diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c +index 6be647ec..ebddf6c3 100644 +--- a/ssh-pkcs11.c ++++ b/ssh-pkcs11.c +@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin, + error("dlopen %s failed: %s", provider_module, dlerror()); + goto fail; + } +- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { +- error("dlsym(C_GetFunctionList) failed: %s", dlerror()); +- goto fail; +- } ++ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) ++ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); + + p->module->handle = handle; + /* setup the pkcs11 callbacks */