Segfault on invalid SSH keys.

Steve Kemp steve at
Fri Oct 16 16:08:29 AEDT 2015

> There's no vulnerability here - it's an unexploitable NULL dereference.

  I am considering the case where a user uploads a public-key to a
 service, and ssh-keygen is used to display a fingerprint of that
 key.  (I run such a service, the github key-management page is another
 example - although they don't do things the same way my service
 crashed on the bogus key, theirs didn't!)

  Anyway thanks again for looking at it, in the future I'll try
 against HEAD before reporting things.


More information about the openssh-unix-dev mailing list