CVE-2023-25136

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that "exploiting this vulnerability will not be easy."

Source: CVE-2023-25136
