CVE-2023-25136

Description

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that "exploiting this vulnerability will not be easy."

Related CPE's

Could not find any relations

References

https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/017_sshd.patch.sig

https://bugzilla.mindrot.org/show_bug.cgi?id=3522

https://github.com/openssh/openssh-portable/commit/486c4dc3b83b4b67d663fb0fa62bc24138ec3946

https://www.openwall.com/lists/oss-security/2023/02/02/2

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io