CVE-2023-5616 | THREATINT

Description

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.

PUBLISHED Reserved 2023-10-17 | Published 2025-04-15 | Updated 2025-04-15 | Assigner canonical

Product status

1:45 (deb) before 1:45.0-1ubuntu3.1

affected

1:44 (deb) before 1:44.0-1ubuntu6.1

affected

1:41 (deb) before 1:41.7-0ubuntu0.22.04.8

affected

1:3 (deb) before 1:3.36.5-0ubuntu4.1

affected

Credits

Zygmunt Krynicki finder

References

bugs.launchpad.net/...urce/gnome-control-center/+bug/2039577 issue-tracking

ubuntu.com/security/notices/USN-6554-1 vendor-advisory

ubuntu.com/security/CVE-2023-5616 issue-tracking

cve.org (CVE-2023-5616)

nvd.nist.gov (CVE-2023-5616)