OpenSSH Vulnerabilities CVE-2023-38408, CVE-2023-28531, CVE-2024-6387, CVE-2023-51767
search cancel

OpenSSH Vulnerabilities CVE-2023-38408, CVE-2023-28531, CVE-2024-6387, CVE-2023-51767

book

Article ID: 387634

calendar_today

Updated On: 02-17-2025

Products

VMware Telco Cloud Automation

Issue/Introduction

Security vulnerabilities in OpenSSH were reported and identified in both TCA and Airgap. These vulnerabilities were assessed based on the installed OpenSSH versions, and corresponding remediation steps have been provided.

CVE-2023-38408

CVE-2023-28531

CVE-2024-6387

CVE-2023-51767

Environment

TCA 3.2

Airgap 3.2

Resolution

  1. Check OpenSSH Versions.

    - Verify the installed OpenSSH versions with:

    # ssh -V

    - Ensure that OpenSSH 8.9p1-8.ph4 (or a later version) is installed.

  2. Disable SSH in the production environment.

    - According to VMware best practices, SSH access should be disabled in production environments unless it is absolutely required.

    - Please refer to the TCA Security Configuration Guide for detailed instructions.

  3. Keep an eye out for future updates.

    - Ensure that TCA Manager, Control Plane, and Airgap Server are always updated with the latest patches and releases.

    - Subscribe to VMware security advisories to stay informed about updates on OpenSSH and other vulnerabilities.

Additional Information

CVE Details and Impact Assessment

CVE-2023-38408 - OpenSSH Remote Code Execution Vulnerability via Forwarded Agent Socket

  • Resolved in OpenSSH 8.9p1-1.ph4
  • Impact on TCA:

    - Not Affected: TCA Manager, Control Plane, and Airgap Servers running OpenSSH 8.9p1-1.ph4 or higher.

 

CVE-2023-28531 - OpenSSH Sensitive Information Disclosure Vulnerability

  • Resolved in OpenSSH 8.9p1-2.ph4
  • Impact on TCA:

    - Not Affected: TCA Manager, Control Plane, and Airgap Servers running OpenSSH 8.9p1-2.ph4 or higher.

 

CVE-2024-6387 - OpenSSH Signal Handler Race Condition Vulnerability (regreSSHion)

  • Resolved in OpenSSH 8.9p1-8.ph4
  • Impact on TCA:
  • TCA Manager and Control Plane:

    - This vulnerability has only been observed on certain 32-bit Linux systems.

    - TCA Manager and Control Plane run on 64-bit Linux, thus are unaffected.

    - Current OpenSSH Version: 8.9p1-7.ph4 (upgrade to 8.9p1-8.ph4 scheduled for the next release).

    - Mitigation: It is recommended to disable SSH in production environments as outlined in the TCA Security Configuration Guide.

  • TCA Airgap Server:

    - The latest OpenSSH version is installed, and the system is not impacted.

 

CVE-2023-51767 - OpenSSH Authentication Bypass via Rowhammer Attack

  • Status: No fix available upstream.
  • Impact on TCA:

    - The attack was demonstrated on modified sshd binaries, not on standard OpenSSH.

    - Not Affected: TCA Manager, Control Plane, and Airgap Server do not include the modified OpenSSH version.

 

Reference links: