A security issue has been found in libssh before version 0.9.6. An attacker can request a rekey with a key exchange algorithm with a digest of a different size, causing libssh reading or writing behind the buffer limits.
A security issue has been found in libssh before version 0.9.6. An attacker can request a rekey with a key exchange algorithm with a digest of a different size, causing libssh reading or writing behind the buffer limits.
https://www.libssh.org/security/advisories/CVE-2021-3634.txt https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485 https://git.libssh.org/projects/libssh.git/commit/?id=d3060bc84ed4e160082e819b4d404f76df7c8063
Workaround ========== The only temporary workaround is to enable key exchange algorithms with the same digest size, for example for SHA256: rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");