The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 325d889c5403ba20a24097f64c32d27ab993c2c3 |
| n/a | n/a | <= 6.1.* |