[Bug 3969] New: SSH Client Attempts to Load Large Identity File

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jun 19 07:08:55 AEST 2026


https://bugzilla.mindrot.org/show_bug.cgi?id=3969

            Bug ID: 3969
           Summary: SSH Client Attempts to Load Large Identity File
           Product: Portable OpenSSH
           Version: 10.3p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: tessgauthier at microsoft.com

Created attachment 3965
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3965&action=edit
sshkey_try_load_public() patch

When attempting to load a public-key passed in via -i,
sshkey_try_load_public() has no upper bound for file size, compared to
the equivalent path for a private-key in sshbuf_load_fd().

A fail-fast guard would ensure the behavior is identical for both types
of keys. Attached is a proposed patch.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list