ROSA LABROSA-SA-2023-2127

HistoryFeb 28, 2023 - 10:34 a.m.

Advisory ROSA-SA-2023-2127

2023-02-2810:34:46

ROSA LAB

abf.rosalinux.ru

0.011 Low

EPSS

Percentile

84.4%

JSON

Software: openssh 7.4
OS: rosa-server79

package_evr_string: openssh-7.4p1-21

CVE-ID: CVE-2023-25136
BDU-ID: 2023-00711
CVE-Crit: CRITICAL
CVE-DESC: A vulnerability in the options.kex_algorithms component of the OpenSSH cryptographic security tool server is associated with a memory re-release error. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: N/A
CVE-REV: N/A

OSVersionArchitecturePackageVersionFilename
rosaanynoarchopenssh< 7.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
rosa	any	noarch	openssh	< 7.4	UNKNOWN

openvas

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2479)

2023-07-31 00:00:00

Fedora: Security Advisory for openssh (FEDORA-2023-123647648e)

2023-04-20 00:00:00

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2454)

2023-07-31 00:00:00

nessus

EulerOS 2.0 SP10 : openssh (EulerOS-SA-2023-1959)

2023-05-18 00:00:00

EulerOS 2.0 SP10 : openssh (EulerOS-SA-2023-1981)

2023-05-18 00:00:00

Fedora 38 : openssh (2023-123647648e)

2023-04-20 00:00:00

prion

Double free

2023-02-03 06:15:00

fedora

[SECURITY] Fedora 38 Update: openssh-9.0p1-15.fc38

2023-04-19 01:40:35

[SECURITY] Fedora 37 Update: openssh-8.8p1-10.fc37

2023-04-18 01:32:15

githubexploit

Exploit for Double Free in Openbsd Openssh

2023-09-04 19:28:43

Exploit for Double Free in Openbsd Openssh

2023-04-28 19:46:03

Exploit for Double Free in Openbsd Openssh

2023-02-22 19:44:08

redhatcve

CVE-2023-25136

2023-02-07 06:57:18

almalinux

Moderate: openssh security update

2023-05-09 00:00:00

K000132929 : OpenSSH vulnerability CVE-2023-25136

2023-03-10 00:00:00

cve

CVE-2023-25136

2023-02-03 06:15:09

debiancve

CVE-2023-25136

2023-02-03 06:15:09

osv

Moderate: openssh security update

2023-05-09 00:00:00

CVE-2023-25136

2023-02-03 06:15:09

wolfi

CVE-2023-25136 vulnerabilities

2024-06-02 22:01:16

freebsd

FreeBSD -- OpenSSH pre-authentication double free

2023-02-16 00:00:00

redhat

(RHSA-2023:2645) Moderate: openssh security update

2023-05-09 10:14:26

(RHSA-2023:3367) Important: OpenShift Container Platform 4.13.2 bug fix and security update

2023-06-07 01:48:02

(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

2023-06-21 15:20:50

cvelist

CVE-2023-25136

2023-02-03 00:00:00

cgr

CVE-2023-25136 vulnerabilities

2024-05-19 03:07:16

oraclelinux

openssh security update

2023-05-17 00:00:00

cbl_mariner

CVE-2023-25136 affecting package openssh 8.9p1-4

2024-06-02 22:01:22

CVE-2023-25136 affecting package openssh 8.9p1-3

2024-06-02 22:01:17

thn

OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

2023-02-06 09:55:00

New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

2023-07-24 09:10:00

freebsd_advisory

FreeBSD-SA-23:02.openssh

2023-02-16 00:00:00

ubuntucve

CVE-2023-25136

2023-02-03 00:00:00

qualysblog

CVE-2023-25136: Pre-Auth Double Free Vulnerability in OpenSSH Server 9.1

2023-02-03 19:37:22

gentoo

OpenSSH: Remote Code Execution

2023-07-20 00:00:00

trellix

The Bug Report – February 2023 Edition

2023-03-01 00:00:00

The Bug Report – February 2023 Edition

2023-03-01 00:00:00

ibm

Security Bulletin: Vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift

2023-03-29 15:18:12

malwarebytes

Update now! February's Patch Tuesday tackles three zero-days

2023-02-15 03:00:00

oracle

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Advisory ROSA-SA-2023-2127

Related