MiracleLinux 9 : openssh-8.7p1-29.el9 (AXSA:2023-6041:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6041:05 advisory. openssh: the functions orderhostkeyalgs and listhostkeytypes leads to double-free vulnerability CVE-2023-25136 Tenable has extracted the preceding descriptio...

openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability

A flaw was found in the OpenSSH server sshd, which introduced a double-free vulnerability during options.kexalgorithms handling. An unauthenticated attacker can trigger the double-free in the default configuration...