OpenSSH 10.3 - Fixes Shell Injection and Security Flaws

In short: OpenSSH 10.3 fixes a shell injection bug in the ssh client's ProxyJump (-J) handling that could let an attacker run commands on the machine invoking ssh.
OpenSSH has released version 10.3, fixing a shell injection vulnerability in the ProxyJump (-J) option. Administrators should upgrade and review any configuration or automation that feeds external input into ssh command lines.
What Happened
On April 2, 2026, the OpenSSH project released versions 10.3 and 10.3p1 (the portable release). This update addresses a shell injection vulnerability in the -J (ProxyJump) command-line option. Previously, the user and host names passed via this option were not validated, so an attacker who could influence those values, for example through a script or tool that builds ssh command lines from external input, could inject shell commands.
Who's Affected
This vulnerability affects users of the OpenSSH client who use ProxyJump with values they do not fully control: wrapper scripts, deployment tools, CI jobs and web front ends that assemble ssh command lines from inventory records, form fields or other external input. If untrusted input can reach the -J option or the equivalent ProxyJump configuration, you are at risk.
What Data Was Exposed
The vulnerability does not expose data by itself. What it gives an attacker is arbitrary command execution on the machine running the ssh client, with the privileges of the user who invoked it. On a bastion, build host or automation server that is often a privileged account with access to keys and credentials, so the result can be unauthorized access to, or manipulation of, sensitive data.
What You Should Do
Administrators should prioritize upgrading to OpenSSH 10.3. Review every place ProxyJump is used, particularly where the user or host name can originate outside your control, and validate such input against an allowlist of characters legal in user names and host names rather than trying to strip shell metacharacters after the fact. Separately, check existing SSH certificates for an empty principal list: this release no longer treats such certificates as wildcards, so any that were issued that way, deliberately or by mistake, should be reissued with explicit principals.
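The allowlist check recommended above, as an added example that is not OpenSSH's own code. It assumes a wrapper script that builds ssh command lines from values it does not fully control and wants to refuse anything that is not a plain [user@]host[:port] entry before it reaches -J; the accepted and rejected inputs at the bottom are constructed for illustration. Background for the check: ssh implements -J by synthesizing a ProxyCommand, and ProxyCommand strings are run through the user's shell, which is why shell metacharacters in a user or host name matter.

```python
"""Allowlist validation of ProxyJump (-J) targets before they reach ssh.

Added example, not OpenSSH code. Assumes a wrapper script that assembles
ssh command lines from inventory records, ticket fields or CI parameters
and must reject anything that is not a plain [user@]host[:port] entry.
"""
import re
from typing import List, NamedTuple, Optional

# Allowlists: nothing a shell could interpret (; | & $ ` ( ) < > quotes,
# whitespace, newlines) is permitted in a user name or host name.
_USER_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")
_HOST_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")
_IPV6_RE = re.compile(r"[0-9A-Fa-f:.]{2,45}")


class JumpHost(NamedTuple):
    user: Optional[str]
    host: str
    port: Optional[int]


def _parse_port(text: str) -> int:
    if not (text.isascii() and text.isdigit()) or not 1 <= int(text) <= 65535:
        raise ValueError(f"invalid port: {text!r}")
    return int(text)


def parse_jump_spec(spec: str) -> JumpHost:
    """Parse one [user@]host[:port] entry; raise ValueError on anything else."""
    user: Optional[str] = None
    rest = spec
    if "@" in rest:
        user, rest = rest.rsplit("@", 1)
        if not _USER_RE.fullmatch(user):
            raise ValueError(f"invalid user name: {user!r}")
    port: Optional[int] = None
    if rest.startswith("["):
        # Bracketed IPv6 literal, optionally followed by :port
        end = rest.find("]")
        if end < 0 or not _IPV6_RE.fullmatch(rest[1:end]):
            raise ValueError(f"invalid IPv6 literal: {rest!r}")
        host, tail = rest[1:end], rest[end + 1:]
        if tail:
            if not tail.startswith(":"):
                raise ValueError(f"unexpected text after host: {tail!r}")
            port = _parse_port(tail[1:])
    else:
        host, sep, port_text = rest.partition(":")
        if not _HOST_RE.fullmatch(host):
            raise ValueError(f"invalid host name: {host!r}")
        if sep:
            port = _parse_port(port_text)
    return JumpHost(user, host, port)


def parse_jump_list(spec: str) -> List[JumpHost]:
    """-J accepts a comma-separated chain of jump hosts; validate every hop."""
    return [parse_jump_spec(hop) for hop in spec.split(",")]


def is_safe_jump(spec: str) -> bool:
    """True only when the whole chain passes the allowlist."""
    try:
        parse_jump_list(spec)
        return True
    except ValueError:
        return False


def format_jump(hop: JumpHost) -> str:
    host = f"[{hop.host}]" if ":" in hop.host else hop.host
    text = f"{hop.user}@{host}" if hop.user else host
    return f"{text}:{hop.port}" if hop.port else text


def build_ssh_argv(jump_spec: str, destination: str, command: List[str]) -> List[str]:
    """argv for ssh built only from validated pieces. Passing a list to
    subprocess (no shell=True) avoids adding a shell layer of our own; the
    allowlist guards the ProxyCommand shell that ssh builds internally."""
    hops = parse_jump_list(jump_spec)
    parse_jump_spec(destination)  # same rules apply to the final target
    return ["ssh", "-J", ",".join(format_jump(h) for h in hops), destination, *command]


if __name__ == "__main__":
    # Constructed inputs: one legitimate chain and several injection attempts.
    print(build_ssh_argv("alice@bastion.example.com:2222,[2001:db8::1]", "app01", ["uptime"]))
    for bad in ("bastion;id", "$(id)@bastion", "bastion'`id`'", "bastion\n-oProxyCommand=id"):
        print("rejected" if not is_safe_jump(bad) else "ACCEPTED", repr(bad))
    # subprocess.run(build_ssh_argv(...), check=True) would invoke ssh here.
```

The allowlist is deliberately narrower than what ssh itself accepts; a wrapper that needs, say, underscores in host names can widen the host pattern, but it should never admit quoting or whitespace, because the goal is to make the injection class impossible rather than to enumerate known-bad characters.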
Additional Security Changes
The OpenSSH 10.3 release also includes several security-hardening changes. One significant change concerns SSH certificates. Previously, a certificate with an empty principal list acted as a wildcard: any server that trusted the issuing Certificate Authority (CA) would accept it for any user, so a single mis-issued certificate could log in to every account on every host trusting that CA. OpenSSH 10.3 removes that behavior, so an accidentally issued wildcard certificate no longer grants broad access.
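The quickest manual check for a single certificate is `ssh-keygen -L -f id_ed25519-cert.pub`, which prints the principal list. To sweep a whole fleet's `*-cert.pub` files the same check can be scripted; the following is an added example, not OpenSSH code, that reads the certificate wire format (PROTOCOL.certkeys) far enough to extract the key ID and principal list. The two sample certificates it builds are constructed and unsigned, with placeholder CA key and signature bytes, so the script runs offline; it inspects fields only and verifies nothing.

```python
"""Find SSH certificates whose principal list is empty.

Added example, not OpenSSH code. Parses the OpenSSH certificate wire
format (PROTOCOL.certkeys) up to the validity window and builds constructed,
unsigned samples in that layout for offline testing. Signature and CA key
bytes are placeholders; nothing is verified.
"""
import base64
import struct
from typing import Dict, List, Tuple

SSH_CERT_TYPE_USER = 1
SSH_CERT_TYPE_HOST = 2


def _string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data


def _read_string(buf: bytes, off: int) -> Tuple[bytes, int]:
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string field")
    return buf[off:off + n], off + n


def parse_certificate(blob: bytes) -> Dict[str, object]:
    """Decode the fields up to the validity window; later fields are skipped."""
    off = 0
    raw_type, off = _read_string(blob, off)
    cert_type = raw_type.decode()
    _nonce, off = _read_string(blob, off)
    # Public-key fields differ per algorithm and precede the shared fields.
    if cert_type == "ssh-rsa-cert-v01@openssh.com":
        _e, off = _read_string(blob, off)
        _n, off = _read_string(blob, off)
    elif cert_type.startswith("ecdsa-sha2-nistp") and cert_type.endswith("-cert-v01@openssh.com"):
        _curve, off = _read_string(blob, off)
        _point, off = _read_string(blob, off)
    elif cert_type == "ssh-ed25519-cert-v01@openssh.com":
        _pk, off = _read_string(blob, off)
    else:
        raise ValueError(f"unsupported certificate type {cert_type}")
    serial, kind = struct.unpack_from(">QI", blob, off)
    off += 12
    key_id, off = _read_string(blob, off)
    packed, off = _read_string(blob, off)
    principals: List[str] = []
    pos = 0
    while pos < len(packed):  # the field is itself a sequence of strings
        name, pos = _read_string(packed, pos)
        principals.append(name.decode())
    valid_after, valid_before = struct.unpack_from(">QQ", blob, off)
    return {"type": cert_type, "serial": serial, "kind": kind,
            "key_id": key_id.decode(), "principals": principals,
            "valid_after": valid_after, "valid_before": valid_before}


def decode_pub_line(line: str) -> Dict[str, object]:
    """Decode one '<type> <base64> [comment]' line as found in *-cert.pub files."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    cert = parse_certificate(base64.b64decode(fields[1]))
    if cert["type"] != fields[0]:
        raise ValueError("type prefix does not match encoded certificate")
    return cert


def find_wildcard_certs(lines: List[str]) -> List[str]:
    """Key IDs of certificates with an empty principal list (the pre-10.3 wildcard)."""
    return [str(c["key_id"]) for c in map(decode_pub_line, lines) if not c["principals"]]


def build_sample_cert(key_id: str, principals: List[str], algo: str = "ed25519") -> str:
    """Constructed, unsigned sample in the real wire layout, for offline testing."""
    if algo == "ed25519":
        cert_type, pubkey = "ssh-ed25519-cert-v01@openssh.com", _string(b"\x11" * 32)
    elif algo == "rsa":
        cert_type = "ssh-rsa-cert-v01@openssh.com"
        pubkey = _string(b"\x01\x00\x01") + _string(b"\x00" + b"\x22" * 256)  # e, n placeholders
    else:
        raise ValueError(algo)
    blob = _string(cert_type.encode()) + _string(b"\x00" * 32) + pubkey
    blob += struct.pack(">QI", 42, SSH_CERT_TYPE_USER) + _string(key_id.encode())
    blob += _string(b"".join(_string(p.encode()) for p in principals))
    blob += struct.pack(">QQ", 0, 0xFFFFFFFFFFFFFFFF)  # valid forever
    blob += _string(b"") * 3  # critical options, extensions, reserved
    blob += _string(_string(b"ssh-ed25519") + _string(b"\x33" * 32))  # CA key placeholder
    blob += _string(_string(b"ssh-ed25519") + _string(b"\x44" * 64))  # signature placeholder
    return f"{cert_type} {base64.b64encode(blob).decode()} sample"


if __name__ == "__main__":
    sample_lines = [  # constructed inputs standing in for collected *-cert.pub files
        build_sample_cert("deploy-bot", []),
        build_sample_cert("alice", ["alice"], algo="rsa"),
        build_sample_cert("ops-shared", [], algo="rsa"),
    ]
    print("certificates with no principals:", find_wildcard_certs(sample_lines))
```

Feed it the concatenated `*-cert.pub` files collected from hosts and CI systems and treat every key ID it reports as a certificate to revoke and reissue with explicit principals; user certificates (kind 1) are the usual concern, but host certificates (kind 2) with no principals deserve the same review.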
Legacy Compatibility
OpenSSH 10.3 also drops compatibility with SSH implementations that do not support transport-layer rekeying. Legacy clients or servers that cannot rekey may fail to connect to OpenSSH 10.3 and will need to be updated or replaced. Rekeying periodically replaces the session keys negotiated at connection setup, so requiring it ensures that a long-lived session never keeps encrypting traffic under the same keys indefinitely; the change both enforces protocol compliance and strengthens security for long-lived sessions.
Conclusion
The OpenSSH 10.3 release is a crucial update that fixes a serious vulnerability and tightens several defaults. Administrators should upgrade promptly, audit how untrusted input reaches ProxyJump, and review their certificates and legacy peers to ensure continued security in their SSH infrastructure.