CVE-2021-41617

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-41617
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41617.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-41617
Related
Published
2021-09-26T19:15:07Z
Modified
2024-05-22T17:26:12.530480Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

References

Affected packages

Alpine:v3.11 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.1_p1-r1

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3

Alpine:v3.12 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.3_p1-r3

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3

Alpine:v3.13 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4_p1-r4

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3

Alpine:v3.14 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.6_p1-r3

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3

Alpine:v3.15 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Alpine:v3.16 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Alpine:v3.17 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Alpine:v3.18 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Alpine:v3.19 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Alpine:v3.20 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.8_p1-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r3
5.5_p1-r3
5.6_p1-r3
5.8_p1-r3
5.8_p2-r3
5.9_p1-r3

6.*

6.0_p1-r3
6.1_p1-r3
6.2_p1-r3
6.2_p2-r3
6.3_p1-r3
6.4_p1-r3
6.6_p1-r3
6.7_p1-r3
6.8_p1-r3
6.9_p1-r3

7.*

7.1_p1-r3
7.1_p2-r3
7.2_p1-r3
7.2_p2-r3
7.3_p1-r3
7.4_p1-r3
7.5_p1-r3
7.6_p1-r3
7.7_p1-r3
7.8_p1-r3
7.9_p1-r3

8.*

8.0_p1-r3
8.1_p1-r3
8.2_p1-r3
8.3_p1-r3
8.4_p1-r3
8.5_p1-r3
8.6_p1-r3

Git / github.com/openssh/openssh-portable

Affected ranges

Type
GIT
Repo
https://github.com/openssh/openssh-portable
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

ABOUT_TO_ADD_INET_ATON
AFTER_FREEBSD_PAM_MERGE
AFTER_KRB5_GSSAPI_MERGE
BEFORE_FREEBSD_PAM_MERGE
BEFORE_KRB5_GSSAPI_MERGE
POST_KRB4_REMOVAL
PRE-REORDER
PRE_CYGWIN_MERGE
PRE_DAN_PATCH_MERGE
PRE_FIXPATHS_INTEGRATION
PRE_HPUX_INTEGRATION
PRE_IPV6
PRE_KRB4_REMOVAL
PRE_NEW_LOGIN_CODE
PRE_SW_KRBV
V_1_2PRE17
V_1_2_1_PRE18
V_1_2_1_PRE19
V_1_2_1_PRE20
V_1_2_1_PRE21
V_1_2_1_PRE22
V_1_2_1_PRE23
V_1_2_1_PRE24
V_1_2_1_PRE25
V_1_2_1_PRE26
V_1_2_1_PRE27
V_1_2_2
V_1_2_2_P1
V_1_2_2_PRE28
V_1_2_2_PRE29
V_1_2_3
V_1_2_3_PRE1
V_1_2_3_PRE2
V_1_2_3_PRE3
V_1_2_3_PRE4
V_1_2_3_PRE5
V_1_2_3_TEST1
V_1_2_3_TEST2
V_1_2_3_TEST3
V_1_2_PRE10
V_1_2_PRE11
V_1_2_PRE12
V_1_2_PRE13
V_1_2_PRE14
V_1_2_PRE15
V_1_2_PRE16
V_1_2_PRE4
V_1_2_PRE5
V_1_2_PRE6
V_1_2_PRE7
V_1_2_PRE8
V_1_2_PRE9
V_2_0_0_BETA1
V_2_0_0_BETA2
V_2_0_0_TEST1
V_2_1_0
V_2_1_0_P1
V_2_1_0_P2
V_2_1_0_P3
V_2_1_1_P1
V_2_1_1_P2
V_2_1_1_P3
V_2_1_1_P4
V_2_2_0_P1
V_2_3_0_P1
V_2_5_0_P1
V_2_5_1_P1
V_2_5_1_P2
V_2_5_2_P1
V_3_0_1_P1
V_3_0_P1
V_3_1_P1
V_3_2_2_P1
V_3_4_P1
V_3_6_1_P1
V_3_8_P1
V_3_9_P1
V_4_2_P1
V_5_0_P1
V_5_1_P1
V_5_2_P1
V_5_5_P1
V_5_7_P1
V_6_0_P1
V_6_1_P1
V_6_2_P1
V_6_5_P1
V_6_6_P1
V_6_8_P1
V_6_9_P1
V_7_0_P1
V_7_1_P1
V_7_2_P1
V_7_3_P1
V_7_4_P1
V_7_5_P1
V_7_6_P1
V_7_7_P1
V_7_8_P1
V_7_9_P1
V_8_0_P1
V_8_1_P1
V_8_2_P1
V_8_4_P1
V_8_5_P1
V_8_6_P1
V_8_7_P1