CVE-2019-3861 (debian_linux, libssh2)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Source: NIST
CVE-2019-3861 (debian_linux, libssh2)