Versions mentioned in the description apply to the upstream
Remediation section below for
Alpine:3.12 relevant versions.
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
openssh to version 8.3_p1-r2 or higher.