Updated: 2024-11-24 04:45:40.978726
Description:
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4.6000000000000005 |
| CVSS Version 3.x | HIGH | 7.1000000000000005 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | openssh | 5.3p1 | 7.1 | HIGH | Not Vulnerable | 2021-12-16 13:40:07 | ||
| CloudLinux 6 ELS | openssh | 5.3p1 | 7.1 | HIGH | Not Vulnerable | 2021-12-16 13:40:07 | ||
| Ubuntu 16.04 ELS | openssh | 7.2p2 | 7.1 | HIGH | Not Vulnerable | 2021-12-16 13:40:07 |