In the library libssh (not to be confused with libssh2 ) designed to add client and server support to the SSHV2 protocol in the SI language programs, revealed vulnerability ( CVE-2021-3634 ), leading to a buffer overflow when initiating a change process Key (ReKey) using the key exchange mechanism using another hashing algorithm. The problem 0.9.6 .
The essence of the problem is that the operation of the key change is allowed to use cryptographic hashes with the size of the cast, differing from the initially used algorithm. At the same time, the memory for hash in Libssh has highlighted on the basis of the initial size of the hash and the use of larger hash leads to overwriting data abroad of the selected buffer. As a spare defense method, you can limit the list of supported key exchange methods only algorithms with the same hash size. For example, to bind to SHA256 to the code you can add: