Vulnerability Description
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openbsd | Openssh | >= 8.2, < 8.5 |
| Fedoraproject | Fedora | 33 |
| Netapp | Cloud Backup | - |
| Netapp | Hci Management Node | - |
| Netapp | Solidfire | - |
| Netapp | Hci Compute Node Firmware | - |
| Netapp | Hci Compute Node | - |
| Netapp | Hci Storage Node Firmware | - |
| Netapp | Hci Storage Node | - |
| Oracle | Communications Offline Mediation Controller | 12.0.0.3.0 |
| Oracle | Zfs Storage Appliance | 8.8 |
Related Weaknesses (CWE)
References
- https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397fPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202105-35Third Party Advisory
- https://security.netapp.com/advisory/ntap-20210416-0002/Third Party Advisory
- https://www.openssh.com/security.htmlNot ApplicableVendor Advisory
- https://www.openssh.com/txt/release-8.5Release NotesVendor Advisory
- https://www.openwall.com/lists/oss-security/2021/03/03/1Mailing ListPatchThird Party Advisory
- https://www.oracle.com//security-alerts/cpujul2021.htmlThird Party Advisory
- https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397fPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202105-35Third Party Advisory
- https://security.netapp.com/advisory/ntap-20210416-0002/Third Party Advisory
- https://www.openssh.com/security.htmlNot ApplicableVendor Advisory
FAQ
What is CVE-2021-28041?
CVE-2021-28041 is a vulnerability with a CVSS score of 7.1 (HIGH). ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an a...
How severe is CVE-2021-28041?
CVE-2021-28041 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-28041?
Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openssh, Fedoraproject Fedora, Netapp Cloud Backup, Netapp Hci Management Node, Netapp Solidfire.