pre-authentication double-free in unpriviledged sandboxed client process when the connecting clients banner causes the SSH_OLD_DHGEX to be set on the server
pre-authentication double-free in unpriviledged sandboxed client process when the connecting clients banner causes the SSH_OLD_DHGEX to be set on the server
https://www.openwall.com/lists/oss-security/2023/02/02/2 https://github.com/openssh/openssh-portable/commit/486c4dc3b83b4b67d663fb0fa62bc24138ec3946 https://bugzilla.mindrot.org/show_bug.cgi?id=3522
introduced in 9.1, actual exploitability still being investigated