Segfault on invalid SSH keys.
djm at mindrot.org
Fri Oct 16 07:36:05 AEDT 2015
On Thu, 15 Oct 2015, Steve Kemp wrote:
> > ok, I can reproduce it in 6.6, but it's fixed in 6.8.
> Thanks for checking. I guess a CVE would make tracking useful for
> the future, but it is low risk DoS for most people, so I'll not push
> it :)
There's no vulnerability here - it's an unexploitable NULL dereference.
I can't see how it would be a denial of service either, because
attempting to parse they key was always going to yield a fatal() exit
More information about the openssh-unix-dev