CVE-2009-2904

NameCVE-2009-2904
DescriptionA certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openssh (PTS)jessie1:6.7p1-5+deb8u4fixed
jessie (security)1:6.7p1-5+deb8u8fixed
stretch1:7.4p1-10+deb9u7fixed
stretch (security)1:7.4p1-10+deb9u6fixed
buster, buster (security)1:7.9p1-10+deb10u1fixed
bullseye, sid1:8.1p1-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
opensshsource(unstable)(not affected)

Notes

- openssh <not-affected> (issue with homechroot patch specific to Red Hat)

Search for package or bug name: Reporting problems