Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-6564
HistoryAug 24, 2015 - 12:00 a.m.

CVE-2015-6564

2015-08-2400:00:00
ubuntu.com
ubuntu.com
101

0.0004 Low

EPSS

Percentile

9.8%

Use-after-free vulnerability in the mm_answer_pam_free_ctx function in
monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might
allow local users to gain privileges by leveraging control of the sshd uid
to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchopenssh< 1:5.9p1-5ubuntu1.6UNKNOWN
ubuntu14.04noarchopenssh< 1:6.6p1-2ubuntu2.2UNKNOWN
ubuntu15.04noarchopenssh< 1:6.7p1-5ubuntu1.2UNKNOWN