CVE-2021-28041
published 2021-03-05
high 7.1 CVSS 3.1
AV:N AC:H PR:L UI:R S:U C:H I:H A:H
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:8.4p1-5 (bookworm) | openssh 1:8.4p1-5 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | openssh-8.5p1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | openssh-8.5p1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | openssh-clients-8.5p1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | openssh-clients-8.5p1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | openssh-debuginfo-8.5p1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | openssh-debuginfo-8.5p1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | openssh-server-8.5p1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | openssh-server-8.5p1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| openbsd | openssh | >= 0 < 1:8.4p1-5 | 1:8.4p1-5 |
| openbsd | openssh | >= 0 < 1:8.4p1-5 | 1:8.4p1-5 |
| openbsd | openssh | >= 0 < 1:8.4p1-5 | 1:8.4p1-5 |
| openbsd | openssh | >= 0 < 1:8.4p1-5 | 1:8.4p1-5 |
| openbsd | openssh | >= 8.2 < 8.5 | 8.5 |
| oracle | communications_offline_mediation_controller | — | — |
| oracle | zfs_storage_appliance | — | — |
| paloalto | pan-os | — | — |
CVSS provenance
nvd v3.1 7.1 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
osv 7.1 HIGH