CVE-2015-6564 — Use After Free in Openssh

CWE-264 CWE-416 — Use After Free7 documents7 sources

Severity

6.9MEDIUMNVD

EPSS

2.0%

top 16.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedAug 24

Latest updateMay 14

Description

Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages2 packages

▶Debianopenbsd/openssh< 1:6.9p1-1+3

▶NVDopenbsd/openssh6.9

🔴Vulnerability Details

GHSA

GHSA-cm6p-9f8w-c878: Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor↗2022-05-14

▶

OSV

CVE-2015-6564: Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor↗2015-08-24

▶

CVEList

CVE-2015-6564: Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor↗2015-08-24

▶

📋Vendor Advisories

Red Hat

openssh: Use-after-free bug related to PAM support↗2015-08-11

▶

Debian

CVE-2015-6564: openssh - Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c...↗2015

▶

💬Community

Bugzilla

CVE-2015-6564 openssh: Use-after-free bug related to PAM support↗2015-08-12

▶