It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libssh-4", "binary_version": "0.6.1-0ubuntu3.1" }, { "binary_name": "libssh-dbg", "binary_version": "0.6.1-0ubuntu3.1" }, { "binary_name": "libssh-dev", "binary_version": "0.6.1-0ubuntu3.1" }, { "binary_name": "libssh-doc", "binary_version": "0.6.1-0ubuntu3.1" } ] }