CVE-2022-24302
Summary
| CVE | CVE-2022-24302 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-03-17 22:15:00 UTC |
|---|
| Updated | 2023-11-07 03:44:00 UTC |
|---|
| Description | In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 36 Update: python-paramiko-2.10.3-1.fc36 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] [DLA 2959-1] paramiko security update |
MLIST |
lists.debian.org |
|
| paramiko/pkey.py at 363a28d94cada17f012c1604a3c99c71a2bda003 · paramiko/paramiko · GitHub |
MISC |
github.com |
|
| [SECURITY] Fedora 34 Update: python-paramiko-2.10.3-1.fc34 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 34 Update: python-paramiko-2.10.3-1.fc34 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 36 Update: python-paramiko-2.10.3-1.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 35 Update: python-paramiko-2.10.3-1.fc35 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 35 Update: python-paramiko-2.10.3-1.fc35 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] [DLA 3104-1] paramiko security update |
MLIST |
lists.debian.org |
|
| www.paramiko.org/changelog.html |
MISC |
www.paramiko.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179149 Debian Security Update for paramiko (DLA 2959-1)
- 181047 Debian Security Update for paramiko (DLA 3104-1)
- 184805 Debian Security Update for paramiko (CVE-2022-24302)
- 198717 Ubuntu Security Notification for Paramiko Vulnerability (USN-5351-1)
- 240363 Red Hat Update for rhv engine and host common packages (RHSA-2022:4712)
- 240992 Red Hat Update for OpenStack Platform 16.1.9 (RHSA-2022:8863)
- 241001 Red Hat Update for OpenStack Platform 16.2.4 (RHSA-2022:8845)
- 282527 Fedora Security Update for python (FEDORA-2022-8eb95d8611)
- 282528 Fedora Security Update for python (FEDORA-2022-806492f1d1)
- 296082 Oracle Solaris 11.4 Support Repository Update (SRU) 48.126.1 Missing (CPUJUL2022)
- 356264 Amazon Linux Security Advisory for python-paramiko : ALASANSIBLE2-2023-002
- 356505 Amazon Linux Security Advisory for python-paramiko : ALAS2ANSIBLE2-2023-002
- 671712 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1759)
- 671763 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1831)
- 671772 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1821)
- 671782 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1852)
- 671786 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1876)
- 671842 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1912)
- 671871 EulerOS Security Update for python-paramiko (EulerOS-SA-2022-1947)
- 752085 SUSE Enterprise Linux Security Update for python-paramiko (SUSE-SU-2022:1446-1)
