Possible remote code execution due to a race condition (CVE-2024-6387)
Resolves: RHEL-45348
This commit is contained in:
parent
6ca18e235a
commit
96149ae84f
18
openssh-9.8p1-upstream-cve-2024-6387.patch
Normal file
18
openssh-9.8p1-upstream-cve-2024-6387.patch
Normal file
@ -0,0 +1,18 @@
|
||||
diff -up openssh-8.7p1/log.c.xxx openssh-8.7p1/log.c
|
||||
--- openssh-8.7p1/log.c.xxx 2024-06-28 11:02:43.949912398 +0200
|
||||
+++ openssh-8.7p1/log.c 2024-06-28 11:02:58.652297885 +0200
|
||||
@@ -455,12 +455,14 @@ void
|
||||
sshsigdie(const char *file, const char *func, int line, int showfunc,
|
||||
LogLevel level, const char *suffix, const char *fmt, ...)
|
||||
{
|
||||
+#if 0
|
||||
va_list args;
|
||||
|
||||
va_start(args, fmt);
|
||||
sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
|
||||
suffix, fmt, args);
|
||||
va_end(args);
|
||||
+#endif
|
||||
_exit(1);
|
||||
}
|
||||
|
@ -47,7 +47,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.7p1
|
||||
%global openssh_rel 41
|
||||
%global openssh_rel 42
|
||||
%global pam_ssh_agent_ver 0.10.4
|
||||
%global pam_ssh_agent_rel 5
|
||||
|
||||
@ -292,6 +292,7 @@ Patch1018: openssh-9.6p1-CVE-2023-48795.patch
|
||||
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
||||
#upstream commit 96faa0de6c673a2ce84736eba37fc9fb723d9e5c
|
||||
Patch1020: openssh-8.7p1-sigpipe.patch
|
||||
Patch1021: openssh-9.8p1-upstream-cve-2024-6387.patch
|
||||
|
||||
License: BSD
|
||||
Requires: /sbin/nologin
|
||||
@ -517,6 +518,7 @@ popd
|
||||
%patch1018 -p1 -b .cve-2023-48795
|
||||
%patch1019 -p1 -b .cve-2023-51385
|
||||
%patch1020 -p1 -b .earlypipe
|
||||
%patch1021 -p1 -b .cve-2024-6387
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||
@ -804,6 +806,10 @@ test -f %{sysconfig_anaconda} && \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
|
||||
- Possible remote code execution due to a race condition (CVE-2024-6387)
|
||||
Resolves: RHEL-45348
|
||||
|
||||
* Mon Jun 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-41
|
||||
- Fix ssh multiplexing connect timeout processing
|
||||
Resolves: RHEL-37748
|
||||
|
Loading…
Reference in New Issue
Block a user