Related Vulnerabilities: CVE-2016-10009  

It was found that ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a forwarded agent channel could potentially use this flaw to execute arbitrary code on the system running the ssh-agent. Note that the attacker must have control of the forwarded agent-socket and the ability to write to the filesystem of the host running ssh-agent.

Severity Medium

Remote No

Type Arbitrary code execution

Description

It was found that ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a forwarded agent channel could potentially use this flaw to execute arbitrary code on the system running the ssh-agent. Note that the attacker must have control of the forwarded agent-socket and the ability to write to the filesystem of the host running ssh-agent.

AVG-110 openssh 7.3p1-2 7.4p1-1 Medium Fixed

22 Dec 2016 ASA-201612-20 AVG-110 openssh Medium multiple issues

https://www.openssh.com/txt/release-7.4
http://seclists.org/oss-sec/2016/q4/705