OpenSSH · OpenSSH · CVE-2023-38408
**Name of the Vulnerable Software and Affected Versions**
OpenSSH versions 7.9p1-alt4.gost.p10.1, 7.9p1-alt4.p10.6, 9.6p1-alt1.gost, 9.6p1-alt2.gost
**Description**
OpenSSH contains a vulnerability where the `ssh-agent` component incorrectly handles loading certain PKCS#11 providers. This can allow a remote attacker to execute arbitrary code if a user has forwarded their ssh-agent to an untrusted system and that system contains malicious libraries. The vulnerability exists due to improper handling of library loading, potentially leading to the execution of untrusted code.
**Recommendations**
Update OpenSSH to version 7.9p1-alt4.gost.p10.1, 7.9p1-alt4.p10.6, 9.6p1-alt1.gost, or 9.6p1-alt2.gost.
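The precondition in the description, an agent forwarded to an untrusted system, can be audited on the client side. The following is an added example, not part of the advisory or of OpenSSH: it lists every `ForwardAgent` directive in an `ssh_config` that enables forwarding and marks those that apply to wildcard or global scopes. The sample configuration is constructed, and the script reports directives per block without resolving first-match precedence (`ssh -G <host>` shows the effective value for one host).

```python
import re
import shlex

# Constructed sample ssh_config for illustration (not taken from the advisory).
SAMPLE_CONFIG = """\
Host bastion.example.com
    ForwardAgent yes

Host *.dev.example.com build-?
    User deploy
    forwardagent=yes

Host legacy
    ForwardAgent no

Host *
    ForwardAgent $SSH_AUTH_SOCK
"""

# ssh_config lines are "keyword value" or "keyword=value"; keywords are case-insensitive.
# Blank lines and "#" comments never match, so they are skipped.
LINE_RE = re.compile(r"^\s*([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*?)\s*$")

def audit_forward_agent(config_text):
    """List every ForwardAgent directive whose value is not 'no'."""
    findings = []
    scope = "(global)"  # directives before the first Host/Match block
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        m = LINE_RE.match(raw)
        if not m:
            continue
        keyword, rest = m.group(1).lower(), m.group(2)
        try:
            args = shlex.split(rest)
        except ValueError:  # unbalanced quotes: fall back to plain splitting
            args = rest.split()
        if keyword in ("host", "match"):
            scope = f"{keyword.capitalize()} {' '.join(args)}"
        elif keyword == "forwardagent" and args and args[0].lower() != "no":
            # "yes", a socket path, or a $VARIABLE name all enable forwarding.
            broad = (scope == "(global)" or scope.lower() == "match all"
                     or any(c in scope for c in "*?"))
            findings.append({"line": lineno, "scope": scope,
                             "value": args[0], "broad": broad})
    return findings

if __name__ == "__main__":
    for f in audit_forward_agent(SAMPLE_CONFIG):
        flag = "BROAD" if f["broad"] else "host-specific"
        print(f"line {f['line']}: {f['scope']} -> ForwardAgent {f['value']} [{flag}]")
```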