5 matches found
SUSE CVE-2023-25136
OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...
OESA-2023-1063 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...
Double Free
Overview Affected versions of this package are vulnerable to Double Free during options.kexalgorithms handling. The double free can be triggered by an unauthenticated attacker in the default configuration. Remediation A fix was pushed into the master branch but not yet published. References -...
CVE-2023-25136
OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...
PT-2023-1368
Name of the Vulnerable Software and Affected Versions OpenSSH versions 9.1 through 9.1 Description The issue is related to a double-free vulnerability in the options.kex algorithms handling of the OpenSSH server. This vulnerability can be leveraged by an unauthenticated remote attacker in the...