OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

VTA-00431 – OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

OpenSSH has released version 9.2 to address security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). The vulnerability, tracked as CVE-2023-25136, has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. It occurs when the ‘options.kex_algorithms’ chunk of memory is freed twice, leading to a double free in the unprivileged sshd process. This can result in memory corruption, and potentially, the execution of arbitrary code. However, OpenSSH notes that this vulnerability is not believed to be exploitable due to the protective measures in place such as modern memory allocators and robust privilege separation and sandboxing implementation.


Attack Surfaces:
Remote Access Service

Execution, Privilege Escalation

Exploitation for Client Execution, Exploitation for Privilege Escalation

Active Defense Tactics:

Active Defense Techniques:
Software Manipulation, Standard Operating Procedure

SuperPRO’s Threat Countermeasures Procedures: 
Update OpenSSH to the latest patch. (OpenSSH 9.2/9.2p1)

Contributed by:  Aman

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>