Segfault on invalid SSH keys.

Damien Miller djm at
Fri Oct 16 07:36:05 AEDT 2015

On Thu, 15 Oct 2015, Steve Kemp wrote:

> > ok, I can reproduce it in 6.6, but it's fixed in 6.8.
>   Thanks for checking. I guess a CVE would make tracking useful for
>  the future, but it is low risk DoS for most people, so I'll not push
>  it :)

There's no vulnerability here - it's an unexploitable NULL dereference.

I can't see how it would be a denial of service either, because
attempting to parse they key was always going to yield a fatal() exit


More information about the openssh-unix-dev mailing list