CVE-2021-28041
Description
A double free vulnerability in ssh-agent in OpenSSH before 8.5 could allow an attacker with agent-socket access to cause memory corruption, potentially leading to denial of service or arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A double free vulnerability exists in the ssh-agent component of OpenSSH versions prior to 8.5. The bug occurs when parsing key constraint extensions in ssh-agent.c; a malformed message can cause the same memory region to be freed twice, corrupting the heap. This issue is triggered when an attacker sends a crafted SSH_AGENTC_ADD_IDENTITY or similar message to the agent. The vulnerability is present in all OpenSSH versions before 8.5 [2][3].
Exploitation
Exploitation requires the attacker to have access to the ssh-agent socket. This could occur in less-common scenarios such as unconstrained agent-socket access on legacy operating systems or when agent forwarding is used to an attacker-controlled host. The attacker sends a specially crafted request to the agent, causing a double free. No authentication is needed beyond socket access [1][2].
Impact
A successful double free can lead to heap corruption, potentially resulting in denial of service or arbitrary code execution within the context of the ssh-agent process. The exact impact depends on the memory allocator and system state, but code execution could allow the attacker to compromise the agent's private keys [1][4].
Mitigation
The vulnerability is fixed in OpenSSH 8.5, released on March 3, 2021 [2][3]. Users should upgrade to version 8.5 or later. There are no known workarounds; the fix is included in the commit that refactored key constraint extension parsing [4].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- OpenSSH/OpenSSH
  - Range: <8.5
- OSV coordinates (7 versions, no CPE):
  - pkg:rpm/opensuse/openssh-askpass-gnome&distro=openSUSE%20Leap%2015.3, range: < 8.4p1-3.9.1
  - pkg:rpm/opensuse/openssh&distro=openSUSE%20Leap%2015.3, range: < 8.4p1-3.9.1
  - pkg:rpm/opensuse/openssh&distro=openSUSE%20Tumbleweed, range: < 9.6p1-3.1
  - pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3, range: < 8.4p1-3.9.1
  - pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Micro%205.1, range: < 8.4p1-3.9.1
  - pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3, range: < 8.4p1-3.9.1
  - pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3, range: < 8.4p1-3.9.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Double-free in parse_key_constraints() due to free(ext_name) being called on an uninitialized pointer when an error occurs in a non-extension constraint branch."
Attack vector
An attacker who can send crafted messages to an ssh-agent (e.g., via unconstrained agent-socket access on a legacy OS, or by having the agent forwarded to an attacker-controlled host) can trigger the double-free. The attacker sends a sequence of constraint types where an earlier constraint (like `SSH_AGENT_CONSTRAIN_LIFETIME`) fails, causing the function to jump to the `err:` label, which calls `free(ext_name)` even though `ext_name` was never allocated in that path. This double-free can corrupt heap metadata and potentially lead to code execution. The advisory notes this is relevant in 'a few less-common scenarios' [ref_id=1].
Affected code
The double-free vulnerability resides in `parse_key_constraints()` in `ssh-agent.c`. The old code freed `ext_name` only after the `SSH_AGENT_CONSTRAIN_EXTENSION` case, but if an error occurred earlier (e.g., in `SSH_AGENT_CONSTRAIN_LIFETIME` or `SSH_AGENT_CONSTRAIN_CONFIRM`) the function jumped to the `err:` label, which also called `free(ext_name)` — however, `ext_name` was never allocated in those paths, leading to a double-free on a subsequent call. The patch factors the extension parsing into `parse_key_constraint_extension()` and removes the shared `ext_name` variable from the parent function, eliminating the dangling free.
What the fix does
The patch refactors the `SSH_AGENT_CONSTRAIN_EXTENSION` handling into a new helper function `parse_key_constraint_extension()` and removes the `ext_name` variable from `parse_key_constraints()`. In the old code, `ext_name` was declared in the parent function and freed only after the extension case, but the `err:` label also called `free(ext_name)` — if an error occurred in a different constraint branch (where `ext_name` was never allocated), the `err:` path would free an uninitialized or stale pointer, causing a double-free. The new code allocates and frees `ext_name` entirely within the helper, so no dangling free can occur across different constraint types [ref_id=1].
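The ownership change described in the two paragraphs above, modelled as an added C example (not OpenSSH's code): the pre-8.5 shape keeps `ext_name` in the loop function and frees it again at the shared `err:` label once a later constraint fails, while the 8.5 shape lets a helper own the name for its whole life. The constraint codes, the extension name and the instrumented `tracked_free()` (which records a repeated free instead of corrupting the heap) are all constructed for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>
/* Constructed constraint codes for this illustration, not OpenSSH's real values. */
enum { C_LIFETIME = 1, C_CONFIRM = 2, C_EXTENSION = 3, C_UNKNOWN = 99 };
/* Instrumented free(): a repeated free is recorded, not executed; memory is never really
 * released here, so no address is reused within one run. */
static void *freed_ptrs[16]; static int nfreed; int double_free_seen;
static void tracked_free(void *p)
{
    for (int i = 0; p != NULL && i < nfreed; i++)
        if (freed_ptrs[i] == p) { double_free_seen = 1; return; } /* real free() would corrupt the heap */
    if (p != NULL && nfreed < 16) freed_ptrs[nfreed++] = p;
}
void reset_tracker(void) { nfreed = 0; double_free_seen = 0; }
/* Pre-8.5 shape: ext_name belongs to the loop function and the shared err: label frees it. */
int parse_constraints_old(const int *msg, int n)
{
    char *ext_name = NULL;
    for (int i = 0; i < n; i++) {
        switch (msg[i]) {
        case C_EXTENSION:
            ext_name = strdup("sk-provider@example"); /* constructed extension name */
            tracked_free(ext_name);                   /* freed, but the stale pointer is kept */
            break;
        case C_LIFETIME: case C_CONFIRM: break;
        default: goto err;                            /* a later constraint fails to parse */
        }
    }
    return 0;
err:
    tracked_free(ext_name);                           /* frees the stale pointer a second time */
    return -1;
}
/* 8.5 shape: a helper owns ext_name for its whole life, so the parent has nothing to free. */
static int parse_extension(void)
{
    char *ext_name = strdup("sk-provider@example");
    int r = ext_name ? 0 : -1;
    tracked_free(ext_name);                           /* single owner, single free */
    return r;
}
int parse_constraints_fixed(const int *msg, int n)
{
    for (int i = 0; i < n; i++) {
        if (msg[i] == C_EXTENSION) { if (parse_extension() != 0) return -1; }
        else if (msg[i] != C_LIFETIME && msg[i] != C_CONFIRM) return -1; /* no cleanup label */
    }
    return 0;
}
```

Feeding both parsers an extension constraint followed by an unparseable one shows the old shape reporting a repeated free of the same pointer while the refactored shape never does.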
Preconditions
- Network: the attacker must be able to send crafted messages to the ssh-agent (e.g., via unconstrained agent-socket access on a legacy OS, or by having the agent forwarded to an attacker-controlled host).
- Input: the agent must process a sequence of constraint types where an earlier constraint fails, causing a jump to the error label that frees ext_name even though it was never allocated.
Generated on May 29, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQWGII3LQR4AOTPPFXGMTYE7UDEWIUKI/ (MITRE: vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXST2CML2MWY3PNVUXX7FFJE3ATJMNVZ/ (MITRE: vendor-advisory, x_refsource_FEDORA)
- security.gentoo.org/glsa/202105-35 (MITRE: vendor-advisory, x_refsource_GENTOO)
- github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db (MITRE: x_refsource_MISC)
- security.netapp.com/advisory/ntap-20210416-0002/ (MITRE: x_refsource_CONFIRM)
- www.openssh.com/security.html (MITRE: x_refsource_MISC)
- www.openssh.com/txt/release-8.5 (MITRE: x_refsource_MISC)
- www.openwall.com/lists/oss-security/2021/03/03/1 (MITRE: x_refsource_MISC)
- www.oracle.com//security-alerts/cpujul2021.html (MITRE: x_refsource_MISC)
News mentions
No linked articles in our index yet.