Vigil@nce - Vigil@nce - libssh2: out-of-bounds memory reading via kex_method_diffie_hellman_group_exchange_sha256_key_exchange(), analyzed on 20/12/2021

February 2022 by Vigil@nce

Vigil@nce - An attacker can force a read at an invalid memory address of libssh2, via kex_method_diffie_hellman_group_exchange_sha256_key_exchange(), in order to trigger a denial of service, or to obtain sensitive information.