CVE-2021-41617

CVE-2021-41617

Name

CVE-2021-41617

Description

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://www.openwall.com/lists/oss-security/2021/09/26/1
MISC	https://www.openssh.com/txt/release-8.8
MISC	https://www.openssh.com/security.html
CONFIRM	https://bugzilla.suse.com/show_bug.cgi?id=1190975
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
CONFIRM	https://security.netapp.com/advisory/ntap-20211014-0004/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
MISC	https://www.oracle.com/security-alerts/cpuapr2022.html
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
cve@mitre.org	https://www.debian.org/security/2023/dsa-5586
Third Party Advisory	https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory	https://www.starwindsoftware.com/security/sw-20220805-0001/
cve@mitre.org	https://www.tenable.com/plugins/nessus/154174
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html

Type

URI

MISC

https://www.openwall.com/lists/oss-security/2021/09/26/1

MISC

https://www.openssh.com/txt/release-8.8

MISC

https://www.openssh.com/security.html

CONFIRM

https://bugzilla.suse.com/show_bug.cgi?id=1190975

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/

CONFIRM

https://security.netapp.com/advisory/ntap-20211014-0004/

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/

MISC

https://www.oracle.com/security-alerts/cpuapr2022.html

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/

cve@mitre.org

https://www.debian.org/security/2023/dsa-5586

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2022.html

Third Party Advisory

https://www.starwindsoftware.com/security/sw-20220805-0001/

cve@mitre.org

https://www.tenable.com/plugins/nessus/154174

cve@mitre.org

https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:openbsd:openssh::::::::`	openssh	>= 6.2	< 8.8

CPE URI

Source package

Min version

Max version

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*

openssh

>= 6.2

< 8.8

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
openssh	3.14-main	8.6_p1-r3	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssh	3.13-main	8.4_p1-r4	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssh	3.12-main	8.3_p1-r3	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssh	3.11-main	8.1_p1-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

openssh

3.14-main

8.6_p1-r3

Natanael Copa <ncopa@alpinelinux.org>

fixed

openssh

3.13-main