Segfault on invalid SSH keys.
Steve Kemp
steve at steve.org.uk
Fri Oct 16 16:08:29 AEDT 2015
> There's no vulnerability here - it's an unexploitable NULL dereference.
I am considering the case where a user uploads a public key to a
service, and ssh-keygen is used to display a fingerprint of that
key. (I run such a service; the GitHub key-management page is another
example, although they don't do things the same way: my service
crashed on the bogus key, theirs didn't!)
Anyway, thanks again for looking at it; in the future I'll try
against HEAD before reporting things.
Steve
--
http://www.steve.org.uk/
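
For the scenario in the message above (a service that fingerprints user-uploaded public keys), one way to reject a malformed key before any external tool sees it. This is an added example, not part of the original message and not OpenSSH code; the names InvalidKey, fingerprint, SAMPLE_BLOB and SAMPLE_LINE are hypothetical, and it assumes plain (non-certificate) key types whose blobs consist only of length-prefixed fields.

```python
import base64
import binascii
import hashlib
import struct

class InvalidKey(ValueError):
    """Raised for any upload that is not a well-formed public key line."""

def _read_string(blob, offset):
    # SSH wire format: 4-byte big-endian length, then that many bytes.
    if offset + 4 > len(blob):
        raise InvalidKey("truncated length field")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise InvalidKey("field runs past end of blob")
    return blob[offset + 4:end], end

def fingerprint(line):
    """Return (key type, SHA256 fingerprint) or raise InvalidKey."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise InvalidKey("expected '<type> <base64> [comment]'")
    declared, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise InvalidKey("bad base64") from exc
    embedded, offset = _read_string(blob, 0)
    if embedded != declared.encode("ascii", "replace"):
        raise InvalidKey("declared type does not match key blob")
    # Assumption: plain key types only, so every remaining field is
    # length-prefixed. Walking them rejects truncated or padded blobs.
    fields = 0
    while offset < len(blob):
        _, offset = _read_string(blob, offset)
        fields += 1
    if fields == 0:
        raise InvalidKey("no key material")
    digest = hashlib.sha256(blob).digest()
    return declared, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

# Constructed sample (not a real key): type string plus 32 zero bytes.
SAMPLE_BLOB = b"".join(struct.pack(">I", len(f)) + f for f in (b"ssh-ed25519", bytes(32)))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " constructed@example"
```

A service can call fingerprint() on the upload and treat InvalidKey as a rejected key, so a bogus file results in an error message rather than a crashed helper process.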