The kexagreemethods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSHMSGKEXINIT packet.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libssh2-1": "1.4.3-2ubuntu0.2", "libssh2-1-dbgsym": "1.4.3-2ubuntu0.2", "libssh2-1-dev-dbgsym": "1.4.3-2ubuntu0.2", "libssh2-1-dbg": "1.4.3-2ubuntu0.2", "libssh2-1-dev": "1.4.3-2ubuntu0.2" } ] }