Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
OpenSSH contains a flaw that may allow a malicious user to bypass the access restrictions imposed through the command= keyword on restricted keypairs in authorized_keys2. The issue is triggered when a user who logs in with a restricted keypair invokes the sftp subsystem, which lets them execute commands on the affected server, potentially including file retrieval, replacement, deletion, or alteration of permissions and ownership. The flaw may therefore allow a bypass of the original access restrictions, resulting in a loss of confidentiality, integrity, and/or availability.
Upgrade to version 2.9.9 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch, or by disabling the sftp subsystem.
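As an added defender-side check, not part of this advisory or of OpenSSH itself: a Python audit that reads the contents of an authorized_keys/authorized_keys2 file and an sshd_config, and reports the command= restricted keys whose restriction the sftp subsystem could bypass on an unpatched server (an empty result once the subsystem is disabled, one of the fixes above). The key material, user names and paths are constructed samples.

```python
import re

def split_options(line):
    """Option string of an authorized_keys line ('' if none, None for blank/comment lines)."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    # Options run up to the first unquoted whitespace; a double-quoted value
    # may contain spaces and backslash-escaped quotes, so scan char by char.
    opts, in_quote, i = [], False, 0
    while i < len(line):
        c = line[i]
        if c == "\\" and in_quote and i + 1 < len(line):
            opts.append(line[i:i + 2]); i += 2; continue
        if c == '"':
            in_quote = not in_quote
        elif c.isspace() and not in_quote:
            break
        opts.append(c); i += 1
    opts = "".join(opts)
    # A line starting with the key type (ssh-rsa, ssh-dss, ...) has no options.
    return "" if opts.startswith(("ssh-", "ecdsa-", "sk-")) else opts

def forced_command(options):
    """The command= value (unescaped), or None if the key is not restricted."""
    m = re.search(r'(?:^|,)command="((?:[^"\\]|\\.)*)"', options)
    return m.group(1).replace('\\"', '"') if m else None

def sftp_subsystem_enabled(sshd_config):
    """True if an uncommented 'Subsystem sftp <path>' line is present."""
    for raw in sshd_config.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 3 and parts[0].lower() == "subsystem" and parts[1] == "sftp":
            return True
    return False

def audit(authorized_keys, sshd_config):
    """Forced commands the sftp subsystem could bypass; empty when it is disabled."""
    if not sftp_subsystem_enabled(sshd_config):
        return []
    cmds = (forced_command(o) for o in map(split_options, authorized_keys.splitlines()) if o)
    return [c for c in cmds if c is not None]

# Constructed sample inputs (not real keys or a real server's configuration).
SAMPLE_KEYS = ("# authorized_keys2 sample\n"
               "ssh-rsa AAAAB3EXAMPLEKEY unrestricted@host\n"
               'no-pty,command="/usr/local/bin/backup --pull",no-port-forwarding ssh-dss AAAAB3EXAMPLEKEY backup@host\n')
SAMPLE_SSHD = "Port 22\nSubsystem sftp /usr/libexec/sftp-server\n"
SAMPLE_SSHD_NO_SFTP = "Port 22\n#Subsystem sftp /usr/libexec/sftp-server\n"
```

Running `audit(SAMPLE_KEYS, SAMPLE_SSHD)` lists the backup key's forced command as exposed, while the same keys against `SAMPLE_SSHD_NO_SFTP` produce no findings.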