Headline
RHSA-2023:2645: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-25136: A flaw was found in the OpenSSH server (sshd), which introduced a double-free vulnerability during options.kex_algorithms handling. An unauthenticated attacker can trigger the double-free in the default configuration.
Synopsis
Moderate: openssh security update
Type/Severity
Security Advisory: Moderate
Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
- openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability (CVE-2023-25136)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
Fixes
- BZ - 2167636 - CVE-2023-25136 openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability
Red Hat Enterprise Linux for x86_64 9
SRPM
openssh-8.7p1-29.el9_2.src.rpm
x86_64
openssh-8.7p1-29.el9_2.x86_64.rpm
openssh-askpass-8.7p1-29.el9_2.x86_64.rpm
openssh-askpass-debuginfo-8.7p1-29.el9_2.x86_64.rpm
openssh-clients-8.7p1-29.el9_2.x86_64.rpm
openssh-clients-debuginfo-8.7p1-29.el9_2.x86_64.rpm
openssh-debuginfo-8.7p1-29.el9_2.x86_64.rpm
openssh-debugsource-8.7p1-29.el9_2.x86_64.rpm
openssh-keycat-8.7p1-29.el9_2.x86_64.rpm
openssh-keycat-debuginfo-8.7p1-29.el9_2.x86_64.rpm
openssh-server-8.7p1-29.el9_2.x86_64.rpm
openssh-server-debuginfo-8.7p1-29.el9_2.x86_64.rpm
openssh-sk-dummy-debuginfo-8.7p1-29.el9_2.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.x86_64.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.29.el9_2.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
openssh-8.7p1-29.el9_2.src.rpm
s390x
openssh-8.7p1-29.el9_2.s390x.rpm
openssh-askpass-8.7p1-29.el9_2.s390x.rpm
openssh-askpass-debuginfo-8.7p1-29.el9_2.s390x.rpm
openssh-clients-8.7p1-29.el9_2.s390x.rpm
openssh-clients-debuginfo-8.7p1-29.el9_2.s390x.rpm
openssh-debuginfo-8.7p1-29.el9_2.s390x.rpm
openssh-debugsource-8.7p1-29.el9_2.s390x.rpm
openssh-keycat-8.7p1-29.el9_2.s390x.rpm
openssh-keycat-debuginfo-8.7p1-29.el9_2.s390x.rpm
openssh-server-8.7p1-29.el9_2.s390x.rpm
openssh-server-debuginfo-8.7p1-29.el9_2.s390x.rpm
openssh-sk-dummy-debuginfo-8.7p1-29.el9_2.s390x.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.s390x.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.29.el9_2.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 9
SRPM
openssh-8.7p1-29.el9_2.src.rpm
ppc64le
openssh-8.7p1-29.el9_2.ppc64le.rpm
openssh-askpass-8.7p1-29.el9_2.ppc64le.rpm
openssh-askpass-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
openssh-clients-8.7p1-29.el9_2.ppc64le.rpm
openssh-clients-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
openssh-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
openssh-debugsource-8.7p1-29.el9_2.ppc64le.rpm
openssh-keycat-8.7p1-29.el9_2.ppc64le.rpm
openssh-keycat-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
openssh-server-8.7p1-29.el9_2.ppc64le.rpm
openssh-server-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
openssh-sk-dummy-debuginfo-8.7p1-29.el9_2.ppc64le.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.ppc64le.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.29.el9_2.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 9
SRPM
openssh-8.7p1-29.el9_2.src.rpm
aarch64
openssh-8.7p1-29.el9_2.aarch64.rpm
openssh-askpass-8.7p1-29.el9_2.aarch64.rpm
openssh-askpass-debuginfo-8.7p1-29.el9_2.aarch64.rpm
openssh-clients-8.7p1-29.el9_2.aarch64.rpm
openssh-clients-debuginfo-8.7p1-29.el9_2.aarch64.rpm
openssh-debuginfo-8.7p1-29.el9_2.aarch64.rpm
openssh-debugsource-8.7p1-29.el9_2.aarch64.rpm
openssh-keycat-8.7p1-29.el9_2.aarch64.rpm
openssh-keycat-debuginfo-8.7p1-29.el9_2.aarch64.rpm
openssh-server-8.7p1-29.el9_2.aarch64.rpm
openssh-server-debuginfo-8.7p1-29.el9_2.aarch64.rpm
openssh-sk-dummy-debuginfo-8.7p1-29.el9_2.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.aarch64.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.29.el9_2.aarch64.rpm
Related news
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.
Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
Update now! February's Patch Tuesday tackles three zero-days (Malwarebytes Labs): Microsoft has released updates to patch three zero-days and lots of other vulnerabilities, and so have several other vendors.
The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. "This is not believed to be exploitable, and it occurs in the unprivileged pre-auth
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that "exploiting this vulnerability will not be easy."