Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 920722 (CVE-2023-51385) - <net-misc/openssh-9.6_p1: ProxyCommand Unexpected Code Execution Vulnerability
Summary: <net-misc/openssh-9.6_p1: ProxyCommand Unexpected Code Execution Vulnerability
Alias: CVE-2023-51385
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A2 [glsa+]
Depends on: 920725
  Show dependency tree
Reported: 2023-12-26 17:06 UTC by Sam James
Modified: 2024-01-07 05:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-26 17:06:24 UTC

SSH ProxyCommand allows users to proxy an SSH connection to a target. SSH ProxyCommand specifies the command to use to connect to the server. Arguments to this directive may contain tokens like %h and %u, which refer to hostname and username, respectively. The SSH Proxy feature also provides visibility into SSH traffic and control over the commands users execute in the SSH channel.
Comment 1 Larry the Git Cow gentoo-dev 2023-12-28 02:22:13 UTC
The bug has been referenced in the following commit(s):

commit 3dfe782899716a3480c9481c69bca8c231c663a7
Author:     GLSAMaker <>
AuthorDate: 2023-12-28 02:21:28 +0000
Commit:     Sam James <>
CommitDate: 2023-12-28 02:22:09 +0000

    [ GLSA 202312-17 ] OpenSSH: Multiple Vulnerabilities
    Signed-off-by: GLSAMaker <>
    Signed-off-by: Sam James <>

 glsa-202312-17.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)