Advertisement
Top
image credit: Adobe Stock

OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

February 6, 2023

Via: The Hacker News
Category:

The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd).

Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1.

“This is not believed to be exploitable, and it occurs in the unprivileged pre-auth process that is subject to chroot(2) and is further sandboxed on most major platforms,” OpenSSH disclosed in its release notes on February 2, 2023.

Read More on The Hacker News

RELATED PUBLICATIONS

How to mirror your iPhone to your TV
Microsoft is quietly installing a Copilot app on Windows 11 PCs
Samsung Galaxy A35 in for review

Latest Publications

AMD’s Zen 5 CPUs are ‘imminent’ and another motherboard maker seemingly confirms them as Ryzen 9000 chips
Do you need to repatriate from the cloud?
TikTok is another step closer to a ban in the US following Senate vote
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
The cloud is not a slam dunk platform for generative AI
Technology Curated Copyright © 2024. All rights reserved