CVE-2016-10010 openssh: privilege escalation via Unix domain socket forwarding

CVE ID

CVE-2016-10010

DESCRIPTION

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

RESOLUTION

CentOS6    openssh    - Not affected, False Positive
CentOS7    openssh    - Not affected, False Positive

 

LINK TO ADVISORIES

  • https://nvd.nist.gov/vuln/detail/CVE-2016-10010
  • https://access.redhat.com/security/cve/cve-2016-10010

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section