VDB
ALPINE-CVE-2016-10010
ALPINE-CVE-2016-10010
PUBLISHED
CVSS 7 HIGH
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
Risk Scores
CVSS v3.0
7
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.6 | openssh | 7.3, 7.3, 7.3 |
| Alpine:v3.23 | openssh | *, *, 7.3_p1-r2 |
| Alpine:v3.15 | openssh | 7.2_p2-r0, 7.2_p2-r1, 7.3_p1-r0 |
| Alpine:v3.14 | openssh | *, 5.1_p1-r1, 0 |
| Alpine:v3.22 | openssh | 0, 5.4_p1-r1, 5.1_p1-r1 |
| Alpine:v3.12 | openssh | 5.1_p1-r1, 7.1_p1-r0, 7.1_p1-r1 |
| Alpine:v3.17 | openssh | *, 0, 5.1_p1-r1 |
| Alpine:v3.5 | openssh | 6.2, 6.2, 6.2 |
| Alpine:v3.13 | openssh | 6.3_p1-r2, *, 5.1_p1-r1 |
| Alpine:v3.20 | openssh | *, *, * |
| Alpine:v3.18 | openssh | 6.7_p1-r0, 5.4_p1-r0, 5.4_p1-r1 |
| Alpine:v3.2 | openssh | *, *, 0 |
| Alpine:v3.3 | openssh | 5.4, 5.4, 5.5 |
| Alpine:v3.8 | openssh | *, 6.2, 6.1 |
| Alpine:v3.11 | openssh | 5.8_p2-r3, 5.9_p1-r3, 6.0_p1-r3 |
| Alpine:v3.9 | openssh | *, 7.3, 7.3 |
| Alpine:v3.19 | openssh | 6.6_p1-r6, 7.3, 5.1_p1-r2 |
| Alpine:v3.16 | openssh | 5.9, 6.3_p1-r1, 6.3_p1-r0 |
| Alpine:v3.7 | openssh | 7.1_p2-r0, 7.5, 7.5 |
| Alpine:v3.4 | openssh | 5.6_p1-r1, 5.8_p1-r0, 5.8_p1-r1 |
…and 2 more
Timeline
- Jan 5, 2017 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch