CVE-2016-3115

Upstream information

CVE-2016-3115 at MITRE

Description

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

---

SUSE information

CVSS v2 Scores

	National Vulnerability Database	SUSE
Base Score	5.46	4.93
Vector	AV:N/AC:L/Au:S/C:P/I:P/A:N	AV:N/AC:M/Au:S/C:P/I:P/A:N
Access Vector	Network	Network
Access Complexity	Low	Medium
Authentication	Single	Single
Confidentiality Impact	Partial	Partial
Integrity Impact	Partial	Partial
Availability Impact	None	None

CVSS v3 Scores

	National Vulnerability Database
Base Score	6.4
Vector	AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Access Vector	Network
Access Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Changed
Confidentiality Impact	Low
Integrity Impact	Low
Availability Impact	None

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1005738, 970632 [RESOLVED / ], 992296 [NEW], 992991 [RESOLVED / ], 996040 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SU-2016:1386-1, published Mon May 23 12:07:57 MDT 2016
• SUSE-SU-2016:1528-1, published Wed Jun 8 08:08:56 MDT 2016
• SUSE-SU-2016:2388-1, published Mon Sep 26 13:09:33 MDT 2016
• SUSE-SU-2016:2555-1, published Mon Oct 17 12:09:16 MDT 2016
• openSUSE-SU-2016:1455-1, published Tue, 31 May 2016 19:09:24 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12	openssh >= 6.6p1-42.1 openssh-askpass-gnome >= 6.6p1-42.1 openssh-helpers >= 6.6p1-42.1	Patchnames: SUSE-SLE-DESKTOP-12-2016-818
SUSE Linux Enterprise Desktop 12 SP1	openssh >= 6.6p1-42.1 openssh-askpass-gnome >= 6.6p1-42.1 openssh-helpers >= 6.6p1-42.1	Patchnames: SUSE-SLE-DESKTOP-12-SP1-2016-818
SUSE Linux Enterprise Desktop 12 SP2	openssh >= 7.2p2-55.1 openssh-helpers >= 7.2p2-55.1	Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA openssh
SUSE Linux Enterprise Point of Sale 11 SP3	openssh >= 6.2p2-0.33.2 openssh-askpass >= 6.2p2-0.33.2 openssh-askpass-gnome >= 6.2p2-0.33.5	Patchnames: sleposp3-openssh-12759
SUSE Linux Enterprise Server 11 SP3-LTSS	openssh >= 6.2p2-0.33.2 openssh-askpass >= 6.2p2-0.33.2 openssh-askpass-gnome >= 6.2p2-0.33.5	Patchnames: slessp3-openssh-12759
SUSE Linux Enterprise Server 11 SP4	openssh >= 6.6p1-21.1 openssh-askpass-gnome >= 6.6p1-21.3 openssh-fips >= 6.6p1-21.1 openssh-helpers >= 6.6p1-21.1	Patchnames: slessp4-openssh-12603
SUSE Linux Enterprise Server 11-SECURITY	openssh-openssl1 >= 6.6p1-15.1 openssh-openssl1-helpers >= 6.6p1-15.1	Patchnames: secsp3-openssh-openssl1-12794
SUSE Linux Enterprise Server 12	openssh >= 6.6p1-42.1 openssh-askpass-gnome >= 6.6p1-42.1 openssh-fips >= 6.6p1-42.1 openssh-helpers >= 6.6p1-42.1	Patchnames: SUSE-SLE-SERVER-12-2016-818
SUSE Linux Enterprise Server 12 SP1	openssh >= 6.6p1-42.1 openssh-askpass-gnome >= 6.6p1-42.1 openssh-fips >= 6.6p1-42.1 openssh-helpers >= 6.6p1-42.1	Patchnames: SUSE-SLE-SERVER-12-SP1-2016-818
SUSE Linux Enterprise Server 12 SP2	openssh >= 7.2p2-55.1 openssh-fips >= 7.2p2-55.1 openssh-helpers >= 7.2p2-55.1	Patchnames: SUSE Linux Enterprise Server 12 SP2 GA openssh
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	openssh >= 7.2p2-55.1 openssh-fips >= 7.2p2-55.1 openssh-helpers >= 7.2p2-55.1	Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA openssh
SUSE Manager 2.1	openssh >= 6.2p2-0.33.2 openssh-askpass >= 6.2p2-0.33.2 openssh-askpass-gnome >= 6.2p2-0.33.5	Patchnames: sleman21-openssh-12759
SUSE Manager Proxy 2.1	openssh >= 6.2p2-0.33.2 openssh-askpass >= 6.2p2-0.33.2 openssh-askpass-gnome >= 6.2p2-0.33.5	Patchnames: slemap21-openssh-12759
SUSE OpenStack Cloud 5	openssh >= 6.2p2-0.33.2 openssh-askpass >= 6.2p2-0.33.2 openssh-askpass-gnome >= 6.2p2-0.33.5	Patchnames: sleclo50sp3-openssh-12759
openSUSE Leap 42.1	openssh >= 6.6p1-11.1 openssh-askpass-gnome >= 6.6p1-11.1 openssh-askpass-gnome-debuginfo >= 6.6p1-11.1 openssh-cavs >= 6.6p1-11.1 openssh-cavs-debuginfo >= 6.6p1-11.1 openssh-debuginfo >= 6.6p1-11.1 openssh-debugsource >= 6.6p1-11.1 openssh-fips >= 6.6p1-11.1 openssh-helpers >= 6.6p1-11.1 openssh-helpers-debuginfo >= 6.6p1-11.1	Patchnames: openSUSE-2016-668
openSUSE Leap 42.2	openssh >= 7.2p2-6.1 openssh-helpers >= 7.2p2-6.1	Patchnames: openSUSE Leap 42.2 GA openssh

---

List of planned updates

The following information is the current evaluation information for this security issue. It might neither be accurate nor complete, Use at own risk.

Product(s)	Source package
SUSE Linux Enterprise Server 10 SP4 LTSS	openssh