Mrs. Christiana Kozakou, is the Head of Marketing at Odyssey Cybersecurity, where she leads and oversees strategic marketing efforts for Odyssey and ClearSkies brands around the globe. Her expertise lies in designing and coordinating 360-degree marketing campaigns and crafting effective marketing penetration strategies for exploring new markets. Mrs. Kozakou is a dynamic professional driven by her passion for unleashing potential in every endeavour, leading a team of creative marketers, working together towards one goal: to give voice to Odyssey and its people so the world can become a cyber safer place. Throughout her 10 years career, Mrs. Kozakou has served in key roles in Advertising, Business Development and Digital Marketing in International companies. A fervent believer in empowering women, she served as a dedicated volunteer for IWIB’s International Team, fostering growth and opportunities for aspiring leaders. Her educational background boasts a Master of Business Administration (MBA), Bachelor’s degrees in Marketing and Sociology.
New Pre-Auth Double Free Vulnerability on OpenSSH
Threat Level Description
Threat Level: High - An attack is highly likely. Additional and sustainable protective security measures reflecting the broad nature of the threat combined with specific business and geographical vulnerabilities and judgments on acceptable risk.
Description
We have observed that a vulnerability in OpenSSH version 9.1, with a severe potential impact, has been identified.
An attacker, by exploiting this vulnerability, could achieve remote code execution on affected systems and possible perform Denial of Service attacks.
OpenSSH is a tool for secure communication and remote access, gaining widespread popularity due to its efficiency and versatility. Developed as a cost-free, open-source implementation of the Secure Shell (SSH) communications protocol, OpenSSH is widely used for various applications.
Tracked as CVE-2023-25136, this flaw has been classified as a pre-authentication double-free vulnerability, occurring during “options.kex_algorithms” handling.
Double free flaws arise when a vulnerable piece of code calls the “free()” function, which is used to deallocate memory blocks twice, leading to memory corruption that consequently could lead to a crash or execution of arbitrary code.
A Proof of Concept (PoC) has been released recently. Thus, malicious actors could utilize this PoC in order to identify and exploit this vulnerability in the wild.
CVE(s)
CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
Affected Systems
Recommendation(s)
You should proceed and update to the latest OpenSSH version (9.2p1.) or/and implement the relevant patches provided by the vendor.
You should understand the importance of security updates, and the urgency with which they should be applied, no matter how large or small your organization is. It is very important to apply an efficient patch management solution and always have enabled an active event security logging and practice event monitoring. To protect the valuable assets of your business and be compliant with the relevant industry regulations requires a comprehensive approach to the management of risk, including Penetration Testing at least annually and upon significant changes.