CVE-2023-25136
Description
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that "exploiting this vulnerability will not be easy."
Related CPEs
Could not find any relations
References
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics