CVE-2025-61984

Sažetak

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)

Reference

https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
https://www.openssh.com/releasenotes.html#10.1p1
https://www.openwall.com/lists/oss-security/2025/10/06/1
https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984

CVSS

Base:	3.6
Impact:	2.5
Exploitability:	1.0

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Zadnje važnije ažuriranje

08-10-2025 - 19:38

Objavljeno

06-10-2025 - 19:15