Red Hat Bugzilla – Bug 800655
CVE-2012-0920 dropbear: use-after-free vulnerability
Last modified: 2014-08-29 12:29:41 EDT
It was reported  that the Dropbear SSH server suffered from a use-after-free flaw in how the server managed channels concurrency. A specially-crafted request could trigger a use-after-free condition which could then be used to potentially execute arbitrary code with root privileges, provided that the user has been authenticated using a public key and also that a command restriction is enforced (the "command" option must be used in the authorized_keys file).
This has been corrected upstream in version 2012.55  and is reported to affect versions 0.52 through 2011.54.
Tracking bugs were filed for:
Fedora-all: bug #800656
EPEL-6: bug #800657
dropbear-0.55-1 has been pushed to all supported versions of Fedora and EPEL: