Download
| Alert*
openssh: double-free memory corruption may lead to arbitrary code execution (CVE-2021-28041)
A double-free memory corruption, introduced in OpenSSH 8.2, that could be reached by an attacker with access to the agent socket. Exploitable by a user forwarding an agent either to an account shared with a malicious user or to a host with an attacker holding root access.
|