Vulnerabilities > CVE-2021-28041 - Double Free vulnerability in multiple products

047910
CVSS 4.6 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
openbsd
fedoraproject
CWE-415

Summary

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.

Vulnerable Configurations

Part Description Count
Application
Openbsd
251
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)