Bug 975865 - (CVE-2015-8325) VUL-0: CVE-2015-8325: openssh: ignore PAM environment vars when UseLogin=yes
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium, Severity: Normal
Assigned To: Petr Cerny
QA Contact: Security Team bot
Whiteboard: CVSSv2:SUSE:CVE-2015-8325:6.6:(AV:L/A...
Reported: 2016-04-16 18:59 UTC by Ismail Dönmez
Modified: 2020-06-08 23:22 UTC
Comment 1 Andreas Stieger 2016-04-17 09:04:12 UTC
From commit:

If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM.
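A configuration check for the combination the commit message describes, as an added example that is not part of the bug report or of OpenSSH. It assumes the PAM side is pam_env with an explicit `user_readenv=1` (module defaults differ between Linux-PAM versions and are not inferred here); the function names and both sample files are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from any real host).
SSHD_CONFIG = """\
# sample sshd_config
Port 22
UsePAM yes
UseLogin=yes
Match User backup
    ForceCommand /usr/bin/rsync
"""
PAM_SSHD = """\
auth     include  common-auth
session  required pam_env.so readenv=1 user_readenv=1
session  include  common-session
"""

def uselogin_enabled(sshd_config_text):
    """True if the global section of sshd_config sets UseLogin yes."""
    for raw in sshd_config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        # sshd accepts both "Keyword value" and "Keyword=value".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) < 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip().lower()
        if keyword == "match":      # global section ends at the first Match
            break
        if keyword == "uselogin":   # sshd keeps the first value it reads
            return value == "yes"
    return False

def pam_reads_user_env(pam_text):
    """True if a pam_env line explicitly enables user_readenv=1."""
    for raw in pam_text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if any(t.endswith("pam_env.so") for t in tokens) and "user_readenv=1" in tokens:
            return True
    return False

def audit(sshd_config_text, pam_text):
    """Report both settings and whether the risky combination is present."""
    uselogin = uselogin_enabled(sshd_config_text)
    user_env = pam_reads_user_env(pam_text)
    return {"uselogin": uselogin, "pam_user_env": user_env,
            "exposed": uselogin and user_env}

if __name__ == "__main__":
    print(audit(SSHD_CONFIG, PAM_SSHD))
```

On a real host the inputs would be the contents of the sshd configuration file and the PAM service file used by sshd; a host reported as exposed should take the fixed package or drop either setting.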
Comment 2 Swamp Workflow Management 2016-04-17 22:00:14 UTC
bugbot adjusting priority
Comment 7 Swamp Workflow Management 2016-05-23 18:10:04 UTC
SUSE-SU-2016:1386-1: An update that solves three vulnerabilities and has 9 fixes is now available.

Category: security (moderate)
Bug References: 729190,932483,945484,945493,947458,948902,960414,961368,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
SUSE Linux Enterprise Server 12-SP1 (src):    openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Server 12 (src):    openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Desktop 12 (src):    openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
Comment 8 Bernhard Wiedemann 2016-05-27 10:02:31 UTC
This is an autogenerated message for OBS integration:
This bug (975865) was mentioned in
https://build.opensuse.org/request/show/398334 13.2 / openssh
Comment 9 Swamp Workflow Management 2016-05-31 17:11:25 UTC
openSUSE-SU-2016:1455-1: An update that solves three vulnerabilities and has 9 fixes is now available.

Category: security (moderate)
Bug References: 729190,932483,945484,945493,947458,948902,960414,961368,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
openSUSE Leap 42.1 (src):    openssh-6.6p1-11.1, openssh-askpass-gnome-6.6p1-11.1
Comment 10 Swamp Workflow Management 2016-06-08 14:10:42 UTC
SUSE-SU-2016:1528-1: An update that solves three vulnerabilities and has 7 fixes is now available.

Category: security (moderate)
Bug References: 729190,932483,948902,960414,961368,961494,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    openssh-6.6p1-21.1, openssh-askpass-gnome-6.6p1-21.3
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    openssh-6.6p1-21.1, openssh-askpass-gnome-6.6p1-21.3
Comment 11 Swamp Workflow Management 2016-07-18 12:30:23 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2016-08-01.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62899
Comment 15 Swamp Workflow Management 2016-09-26 19:10:55 UTC
SUSE-SU-2016:2388-1: An update that solves 5 vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 932483,948902,959096,962313,962794,970632,975865,981654,989363,992533
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115,CVE-2016-6210,CVE-2016-6515
Sources used:
SUSE OpenStack Cloud 5 (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Manager Proxy 2.1 (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Manager 2.1 (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
Comment 18 Bernhard Wiedemann 2016-10-07 16:01:35 UTC
This is an autogenerated message for OBS integration:
This bug (975865) was mentioned in
https://build.opensuse.org/request/show/433780 Factory / openssh
Comment 20 Swamp Workflow Management 2016-10-17 18:11:07 UTC
SUSE-SU-2016:2555-1: An update that solves 5 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 729190,932483,948902,960414,961368,961494,962313,965576,970632,975865,981654,989363,992533
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115,CVE-2016-6210,CVE-2016-6515
Sources used:
SUSE Linux Enterprise Server 11-SECURITY (src):    openssh-openssl1-6.6p1-15.1
Comment 24 Marcus Meissner 2017-06-26 06:33:52 UTC
released