DEBIAN-CVE-2011-0539

DEBIAN-CVE-2011-0539 PUBLISHED

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

Affected Products

Vendor	Product	Versions
Debian:12	openssh	0, 0, 0
Debian:11	openssh	0, 0, 0
Debian:14	openssh	0, 0, 0
Debian:13	openssh	0, 0, 0

Timeline

Feb 10, 2011 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2011-0539 advisory

Open in Interactive Console →