CVE-2021-28041

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
openbsdopenssh
8.2 ≤
𝑥
< 8.5
netappcloud_backup
-
netapphci_management_node
-
netappsolidfire
-
netapphci_compute_node_firmware
-
netapphci_storage_node_firmware
-
oraclecommunications_offline_mediation_controller
12.0.0.3.0
oraclezfs_storage_appliance
8.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openssh
bullseye (security)
1:8.4p1-5+deb11u3
fixed
bullseye
1:8.4p1-5+deb11u3
fixed
buster
not-affected
stretch
not-affected
bookworm
1:9.2p1-2+deb12u3
fixed
bookworm (security)
1:9.2p1-2+deb12u3
fixed
sid
1:9.9p1-3
fixed
trixie
1:9.9p1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openssh
groovy
Fixed 1:8.3p1-1ubuntu0.1
released
focal
Fixed 1:8.2p1-4ubuntu0.2
released
bionic
not-affected
xenial
not-affected
trusty
not-affected
openssh-ssh1
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQWGII3LQR4AOTPPFXGMTYE7UDEWIUKI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXST2CML2MWY3PNVUXX7FFJE3ATJMNVZ/
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20210416-0002/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.5
https://www.openwall.com/lists/oss-security/2021/03/03/1
https://www.oracle.com//security-alerts/cpujul2021.html
https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQWGII3LQR4AOTPPFXGMTYE7UDEWIUKI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXST2CML2MWY3PNVUXX7FFJE3ATJMNVZ/
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20210416-0002/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.5
https://www.openwall.com/lists/oss-security/2021/03/03/1
https://www.oracle.com//security-alerts/cpujul2021.html