ASA-2019-00145 – libssh2: Possible integer overflow leading to zero-byte allocation and out-of-bounds write

A server could send an SSH_MSG_CHANNEL_REQUEST packet containing an exit signal message whose length is the maximum unsigned integer value. That length would then have 1 added to it and the result would be used to allocate memory, possibly causing an out-of-bounds memory write or a zero-byte allocation (CWE-130).
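The arithmetic behind the advisory and a length check that prevents it, as an added example (not libssh2's code and not its actual fix): `unchecked_alloc_size` shows a 32-bit length of the maximum value wrapping to zero when 1 is added, and the hypothetical `read_string_checked` validates the declared length against the bytes actually received before allocating. All function names and the sample packets are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Size the unchecked pattern would request: 32-bit length + 1 for the NUL.
 * For len == UINT32_MAX this wraps to 0. */
static uint32_t unchecked_alloc_size(uint32_t len)
{
    return (uint32_t)(len + 1u);
}

/* Hypothetical hardened parser for a length-prefixed string field
 * (4-byte big-endian length, then that many bytes).
 * Returns 0 and a NUL-terminated copy in *out, or -1 on a bad length. */
static int read_string_checked(const unsigned char *buf, size_t buf_len,
                               char **out)
{
    uint32_t len;
    *out = NULL;
    if (buf_len < 4)
        return -1;                      /* no room for the length field */
    len = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
          ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    if (len > buf_len - 4)
        return -1;                      /* claims more bytes than received */
    /* len <= buf_len - 4 < SIZE_MAX, so len + 1 cannot wrap in size_t */
    *out = malloc((size_t)len + 1);
    if (*out == NULL)
        return -1;
    memcpy(*out, buf + 4, len);
    (*out)[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed packets: one with length 0xFFFFFFFF, one well-formed. */
    const unsigned char bad[]  = { 0xFF, 0xFF, 0xFF, 0xFF, 'T', 'E', 'R', 'M' };
    const unsigned char good[] = { 0, 0, 0, 4, 'T', 'E', 'R', 'M' };
    char *name;
    printf("unchecked size: %u\n", (unsigned)unchecked_alloc_size(UINT32_MAX));
    printf("bad packet  -> %d\n", read_string_checked(bad, sizeof bad, &name));
    if (read_string_checked(good, sizeof good, &name) == 0) {
        printf("good packet -> \"%s\"\n", name);
        free(name);
    }
    return 0;
}
```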