CVE-2014-8132

Priority
Description
Double free vulnerability in the ssh_packet_kexinit function in kex.c in
libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a
denial of service via a crafted kexinit packet.
Assigned-to
mdeslaur
Notes
mdeslaur0.5.1 and higher
Package
Upstream:released (0.6.4)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [0.6.1-0ubuntu3.1])
Patches:
Upstream:http://git.libssh.org/projects/libssh.git/commit/?id=c2aed4ca78030d9014a890cb4370e6dc8264823f
More Information

Updated: 2019-12-05 18:38:30 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)