Unrated severityNVD Advisory· Published Nov 8, 2013· Updated Jun 16, 2026
CVE-2013-4548
CVE-2013-4548
Description
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 6.2, 6.3
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.