PublicDateAtUSN: 2021-03-05 21:15:00 UTC
Candidate: CVE-2021-28041
PublicDate: 2021-03-05 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
 https://www.openwall.com/lists/oss-security/2021/03/03/1
 https://www.openssh.com/security.html
 https://www.openssh.com/txt/release-8.5
 https://ubuntu.com/security/notices/USN-4762-1
Description:
 ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a
 few less-common scenarios, such as unconstrained agent-socket access on a
 legacy operating system, or the forwarding of an agent to an
 attacker-controlled host.
Ubuntu-Description:
Notes:
 seth-arnold> openssh-ssh1 is provided for compatibility with old devices that
  cannot be upgraded to modern protocols. Thus we may not provide security
  support for this package if doing so would prevent access to equipment.
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H [7.1 HIGH]

Patches_openssh:
 upstream: https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db
upstream_openssh: needs-triage
precise/esm_openssh: not-affected (code not present)
trusty_openssh: ignored (out of standard support)
trusty/esm_openssh: not-affected (code not present)
xenial_openssh: not-affected (code not present)
esm-infra/xenial_openssh: not-affected (code not present)
bionic_openssh: not-affected (code not present)
focal_openssh: released (1:8.2p1-4ubuntu0.2)
groovy_openssh: released (1:8.3p1-1ubuntu0.1)
devel_openssh: released (1:8.4p1-4ubuntu2)

Patches_openssh-ssh1:
upstream_openssh-ssh1: ignored (frozen on openssh 7.5p)
precise/esm_openssh-ssh1: DNE
trusty_openssh-ssh1: DNE
trusty/esm_openssh-ssh1: DNE
xenial_openssh-ssh1: DNE
bionic_openssh-ssh1: not-affected (code not present)
focal_openssh-ssh1: not-affected (code not present)
groovy_openssh-ssh1: not-affected (code not present)
devel_openssh-ssh1: not-affected (code not present)