CVE-2023-25136

Description from NVD

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

Information Acquisition Date:2023-02-24T14:57Z

CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

NVD References

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

CVE Infomation

Exploits or more Infomation

JVN ENG JPN

List of frequently cited URLs

URL	Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	222
https://cvetrends.com	49
https://news.ycombinator.com/item?id=34711565	7
https://thehackernews.com/2023/02/openssh-releases-patch-fo...	6
https://www.it-connect.fr/openssh-9-1-affecte-par-une-faill...	6
https://twitter.com/hack_git/status/1628776224699871233	5
https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Doubl...	4
https://blog.qualys.com/vulnerabilities-threat-research/202...	4
https://jfrog.com/blog/openssh-pre-auth-double-free-cve-202...	3
https://seclists.org/oss-sec/2023/q1/92	3
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-f...	3
https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalyps...	3

▼ Show Information from Twitter(19)

User	URL	Info Source	Date
oss_security	http://dlvr.it/SkRhtp	Source oss_security 1632746865107275777	2023/03/06
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-25136	Source threatintelctr 1632779807246123014	2023/03/07
CriminalIP_US	None	Source CriminalIP_US 1632788142259331072	2023/03/07
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-25136	Source threatintelctr 1633202599104225280	2023/03/08
reverseame	https://jfrog.com/blog/openssh-pre-auth-double-free-cve-202...	Source reverseame 1633761119931121664	2023/03/09
ipssignatures	https://twitter.com/reverseame/status/1633761119931121664	Source ipssignatures 1633831505490501637	2023/03/09
oss_security	http://dlvr.it/SkcrRB	Source oss_security 1633835035718721541	2023/03/09
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-25136	Source threatintelctr 1633866964564332544	2023/03/10
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-25136	Source threatintelctr 1633882063680962583	2023/03/10
IT_news_for_all	https://jfrog.com/blog/openssh-pre-auth-double-free-cve-202...	Source IT_news_for_all 1634063396617310208	2023/03/10
IT_news_for_all	https://t.me/s/it_news_for_all/69905	Source IT_news_for_all 1634063396617310208	2023/03/10
IT_news_for_all	https://twitter.com/IT_news_for_all/status/1634063396617310...	Source IT_news_for_all 1634063396617310208	2023/03/10
JFrogSecurity	https://jfrog.com/blog/examining-openssh-sandboxing-and-pri...	Source JFrogSecurity 1635671071994138625	2023/03/15
aidbstech	https://thesecmaster.com/how-to-fix-cve-2023-25136-a-pre-au...	Source aidbstech 1638632414120652805	2023/03/23
aidbstech	https://twitter.com/aidbstech/status/1638632414120652805/ph...	Source aidbstech 1638632414120652805	2023/03/23
cr__sh	https://cra.sh/public_html/strlcpy3/cve-2023-25136-openssh-...	Source cr__sh 1638869450542776320	2023/03/23
slffish	https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalyps...	Source slffish 1642353624603828224	2023/04/02
SelmaR33632785	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25136	Source SelmaR33632785 1646435494983790594	2023/04/13
ipssignatures	https://lists.astaro.com/ASGV9-IPS-rules.html#0	Source ipssignatures 1648084431016538113	2023/04/18

URL	Num of Times Referred to
alerts.vulmon.com	222
cvetrends.com	49
news.ycombinator.com	7
thehackernews.com	6
www.it-connect.fr	6
twitter.com	5
github.com	4
blog.qualys.com	4
jfrog.com	3
seclists.org	3
frycos.github.io	3
www.da.vidbuchanan.co.uk	3

URL

Num of Times Referred to

222

www.da.vidbuchanan.co.uk

User	URL	Info Source
oss_security	dlvr.it	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
CriminalIP_US		Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
reverseame	jfrog.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
oss_security	dlvr.it	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
IT_news_for_all	jfrog.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	twitter.com	Show Tweet
JFrogSecurity	jfrog.com	Show Tweet
aidbstech	thesecmaster.com	Show Tweet
aidbstech	twitter.com	Show Tweet
cr__sh	cra.sh	Show Tweet
slffish	da.vidbuchanan.co.uk	Show Tweet
SelmaR33632785	cve.mitre.org	Show Tweet
ipssignatures	lists.astaro.com	Show Tweet

Name	URL
Christbowel/CVE-2023-25136	https://github.com/Christbowel/CVE-2023-25136
jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free	https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free
ticofookfook/CVE-2023-25136	https://github.com/ticofookfook/CVE-2023-25136

Name

URL

Christbowel/CVE-2023-25136

https://github.com/Christbowel/CVE-2023-25136

jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free

https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free

ticofookfook/CVE-2023-25136

https://github.com/ticofookfook/CVE-2023-25136