ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a
few less-common scenarios, such as unconstrained agent-socket access on a
legacy operating system, or the forwarding of an agent to an
attacker-controlled host.
Author | Note |
---|---|
seth-arnold | openssh-ssh1 is provided for compatibility with old devices that cannot be upgraded to modern protocols. Thus we may not provide security support for this package if doing so would prevent access to equipment. |
launchpad.net/bugs/cve/CVE-2021-28041
nvd.nist.gov/vuln/detail/CVE-2021-28041
security-tracker.debian.org/tracker/CVE-2021-28041
ubuntu.com/security/notices/USN-4762-1
www.cve.org/CVERecord?id=CVE-2021-28041
www.openssh.com/security.html
www.openssh.com/txt/release-8.5
www.openwall.com/lists/oss-security/2021/03/03/1