The vulnerability of the chacha20_poly1305_set_key() function in the libssh library, which allows a hacker to disclose sensitive information

The vulnerability of the chacha20poly1305setkey function in the libssh library is related to the lack of checking for the returned value. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

UBUNTU-CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...