OpenSSH · OpenSSH · CVE-2023-25136
**Name of the Vulnerable Software and Affected Versions**
OpenSSH version 9.1 (only this release is affected)
**Description**
The issue is a double-free vulnerability in the handling of `options.kex_algorithms` in the OpenSSH server (sshd). In the default configuration it is reachable by an unauthenticated remote attacker and could potentially lead to arbitrary code execution. It is considered difficult to exploit because of the protective measures in modern memory allocators and the privilege separation and sandboxing used by the sshd process.
**Recommendations**
For OpenSSH version 9.1, update to OpenSSH 9.2 to resolve the issue.
As a temporary workaround, consider restricting access to the `options.kex_algorithms` handling until a patch is available.
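To find hosts still running the affected release, a fleet inventory can classify the version advertised in the SSH identification string. The following is an added example, not part of the advisory or of OpenSSH itself; the sample banners are constructed, and `grab_banner` is a hypothetical helper that reads the server's identification line from a live host.

```python
import re
import socket
from typing import Optional

# Versions named by the advisory above: 9.1 is affected, 9.2 carries the fix.
AFFECTED_VERSIONS = {"9.1"}
FIXED_VERSION = "9.2"

# Matches the software-version field of an SSH identification string,
# e.g. "SSH-2.0-OpenSSH_9.1p1 Debian-2" -> upstream version "9.1", patch "p1".
_BANNER_RE = re.compile(r"^SSH-\d\.\d+-OpenSSH_(\d+\.\d+)(p\d+)?", re.ASCII)


def openssh_version(banner: str) -> Optional[str]:
    """Return the upstream OpenSSH major.minor from an identification string,
    or None if the banner is not from OpenSSH or is malformed."""
    m = _BANNER_RE.match(banner.strip())
    return m.group(1) if m else None


def is_affected(banner: str) -> bool:
    """True when the banner advertises a version listed as vulnerable to
    CVE-2023-25136. Portable patch levels and distribution suffixes
    (e.g. "p1 Ubuntu-3") do not change the upstream version, so they are
    ignored; a distribution may have backported the fix, so confirm a hit
    against the vendor's changelog before treating it as vulnerable."""
    return openssh_version(banner) in AFFECTED_VERSIONS


def grab_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Hypothetical helper: read the first line the server sends, which is its
    identification string (RFC 4253 section 4.2). Not exercised offline."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        data = s.recv(256).decode("ascii", errors="replace")
    return data.split("\r\n", 1)[0]


# Constructed sample banners so the check can be run without network access.
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_9.1",
    "SSH-2.0-OpenSSH_9.1p1 Debian-2",
    "SSH-2.0-OpenSSH_9.2",
    "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3",
    "SSH-2.0-dropbear_2022.83",
]

if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(f"{b:35} version={openssh_version(b)} affected={is_affected(b)}")
```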