PT-2023-1368 · Openssh+5 · Openssh+5

Mantas Mikulenas

Publicado

2023-02-02

Atualizado

2026-05-28

CVE-2023-25136

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions OpenSSH versions 9.1 through 9.1

Description The issue is related to a double-free vulnerability in the options.kex algorithms handling of the OpenSSH server. This vulnerability can be leveraged by an unauthenticated remote attacker in the default configuration to potentially execute arbitrary code. The vulnerability is considered difficult to exploit due to modern memory allocators' protective measures and the separation of privileges and sandboxing implemented in the sshd process.

Recommendations For OpenSSH version 9.1, update to OpenSSH 9.2 to resolve the issue. As a temporary workaround, consider restricting access to the options.kex algorithms handling until a patch is available.

Exploit

Correção

RCE

Double Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-415

Identificadores relacionados

ALSA-2023:2645

ALSA-2023_2645

ALSA-2024_1130

ALSA-2024_1150

ALSA-2025_16880

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2023-00711

CVE-2023-25136

ELSA-2023-2645

FREEBSD-SA-23_02

JLSEC-2026-66

OESA-2023-1063

OESA-2023-1064

RHSA-2023:2645

RHSA-2023_2645

ROSA-SA-2023-2127

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Freebsd

Openssh

Red Hat

PT-2023-1368 · Openssh+5 · Openssh+5

CVE-2023-25136

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 68