BestHub
Sign in
Information Security 3 min read

OpenSSH ssh-agent Client Remote Code Execution Vulnerability (CVE-2023-38408)

A critical OpenSSH ssh-agent vulnerability (CVE-2023-38408) allows attackers to execute arbitrary code on the client by forwarding the agent and loading a malicious shared library, affecting all ssh-agent versions up to 9.3p2 and OpenSSH versions up to 9.3p2‑1, with mitigation recommendations to disable forwarding and upgrade the package.

Laravel Tech Community
Laravel Tech Community
Laravel Tech Community
OpenSSH ssh-agent Client Remote Code Execution Vulnerability (CVE-2023-38408)

SSH‑Agent is a component of SSH that manages private keys and supports public‑key authentication.

When a user forwards ssh‑agent to a malicious server, the lack of restrictions on loaded shared libraries enables an attacker to pass a malicious library as a parameter; ssh‑agent then loads and unloads it via dlopen / dlclose , achieving remote code execution on the client host.

Vulnerability Name

OpenSSH ssh-agent Client Remote Code Execution Vulnerability

Vulnerability Type

Code Injection

Discovery Date

2023-07-20

Impact Scope

Wide

MPS ID

MPS-hwop-qus5

CVE ID

CVE-2023-38408

CNVD ID

-

The vulnerability affects ssh‑agent versions up to 9.3p2 (inclusive) and OpenSSH versions up to 9.3p2‑1.

Mitigation: avoid using ssh‑agent forwarding and upgrade the OpenSSH package to version 9.3p2‑1 or later.

information securityvulnerabilityRemote Code ExecutionOpenSSHCVE-2023-38408ssh-agent
Laravel Tech Community
Written by

Laravel Tech Community

Specializing in Laravel development, we continuously publish fresh content and grow alongside the elegant, stable Laravel framework.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment