Segfault on invalid SSH keys.

[Damien Miller]

On Thu, 15 Oct 2015, Steve Kemp wrote:

> > ok, I can reproduce it in 6.6, but it's fixed in 6.8.
>
>   Thanks for checking. I guess a CVE would make tracking useful for
>  the future, but it is low risk DoS for most people, so I'll not push
>  it :)

There's no vulnerability here - it's an unexploitable NULL dereference.

I can't see how it would be a denial of service either, because
attempting to parse they key was always going to yield a fatal() exit
anyway.

-d