all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

Add to bookmarks
Feb. 6, 2023, 9:55 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd).
Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1.
"This is not believed to be exploitable, and it occurs in the unprivileged pre-auth

address auth authentication bugs classified cve cve-2023-25136 free maintainers memory memory safety openssh patch pre-auth double free vulnerability releases safety security server version vulnerability

Visit resource

More from thehackernews.com / The Hacker News

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny 54 minutes ago | thehackernews.com
address authority browser chrome +24
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage an hour ago | thehackernews.com
actor arcanedoor campaign cisco +28
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks 17 hours ago | thehackernews.com
april assets attacks command +19
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike 17 hours ago | thehackernews.com
attack called campaign cobalt +22
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users 21 hours ago | thehackernews.com
app apps baidu chinese +22
CISO Perspectives on Complying with Cybersecurity Regulations 22 hours ago | thehackernews.com
accountability ciso cisos compliance +22
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners 1 day ago | thehackernews.com
actor antivirus antivirus software avast +22
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers 1 day, 2 hours ago | thehackernews.com
actor cache campaign cdn +20
Apache Cordova App Harness Targeted in Dependency Confusion Attack 1 day, 17 hours ago | thehackernews.com
actor apache app attack +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland
View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI
View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)
View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com
View more jobs