rpms
/
openssh
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Avoid remote code execution in ssh-agent PKCS#11 support 

Resolves: CVE-2023-38408
This commit is contained in:
Dmitry Belyavskiy 2023-07-20 12:02:42 +02:00
parent c5140cafa3
commit 6fa799e1aa
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
openssh-9.3p1-upstream-cve-2023-38408.patch Normal file
View File

@ -0,0 +1,17 @@
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 6be647ec..ebddf6c3 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin,
error("dlopen %s failed: %s", provider_module, dlerror());
goto fail;
}
- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) {
- error("dlsym(C_GetFunctionList) failed: %s", dlerror());
- goto fail;
- }
+ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL)
+ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror());
p->module->handle = handle;
/* setup the pkcs11 callbacks */