A double-free memory corruption, introduced in OpenSSH 8.2, that could be reached by an attacker with access to the agent socket. Exploitable by a user forwarding an agent either to an account shared with a malicious user or to a host with an attacker holding root access.