Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 920724 (CVE-2023-6004) - <net-libs/libssh-0.10.6: ProxyCommand/ProxyJump features enable to inject malicious code through hostname
Summary: <net-libs/libssh-0.10.6: ProxyCommand/ProxyJump features enable to inject mal...
Alias: CVE-2023-6004
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A2 [glsa+]
Keywords: PullRequest
Depends on: 920726
  Show dependency tree
Reported: 2023-12-26 17:07 UTC by Sam James
Modified: 2024-01-21 11:16 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-26 17:07:57 UTC

Per the second link, this affects libssh too.

Using the ProxyCommand or the ProxyJump feature enables users to exploit
unchecked hostname syntax on the client, which enables to inject malicious code
into the command of the above-mentioned features through the hostname parameter.

User interaction is required to exploit this issue.
Comment 1 Larry the Git Cow gentoo-dev 2023-12-28 02:22:12 UTC
The bug has been referenced in the following commit(s):

commit b5fd84fed4c7e7ddb236f13fb5044cc546ce7c6c
Author:     GLSAMaker <>
AuthorDate: 2023-12-28 02:21:11 +0000
Commit:     Sam James <>
CommitDate: 2023-12-28 02:22:08 +0000

    [ GLSA 202312-16 ] libssh: Multiple Vulnerabilities
    Signed-off-by: GLSAMaker <>
    Signed-off-by: Sam James <>

 glsa-202312-16.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-01-03 23:01:23 UTC
The bug has been referenced in the following commit(s):

commit e1565810cb6fde75c0271f52eaf08f28d1548b66
Author:     Andreas Sturmlechner <>
AuthorDate: 2024-01-03 22:28:41 +0000
Commit:     Andreas Sturmlechner <>
CommitDate: 2024-01-03 23:00:47 +0000

    net-libs/libssh: Cleanup vulnerable 0.10.5
    Signed-off-by: Andreas Sturmlechner <>

 net-libs/libssh/Manifest             |   1 -
 net-libs/libssh/libssh-0.10.5.ebuild | 135 -----------------------------------
 2 files changed, 136 deletions(-)
Comment 3 Andreas Sturmlechner gentoo-dev 2024-01-03 23:02:33 UTC
Cleanup done, kde proj out.