OpenSSH Remote Denial-of-Service Vulnerability Technical Analysis and Solution
OpenSSH contains a memory exhaustion issue during key exchange. An unauthenticated client can increase the memory allocated to each connection on the server to 384 MB, by repeating the KEXINIT process. An attacker can exploit this vulnerability by initiating multiple connections, to exhaust memory resources of the server and therefore lead to a denial of service.