Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

mkj/dropbear
main @ e470317
149
Fixes
0
CVEs
CRITICAL
Peak severity
Highlights
Denial of Service: 55 prior fixes. Scrutinize any change in this area.
common-session.c: most-fixed (14 issues). Treat as high-risk during review.
49 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Auth Bypass: Parsing of the authorized_keys file has historically been prone to split-line parser differentials, missing null-byte validation, and uncaptured return values during key checks, enabling remote attackers to bypass public key constraints or authentication entirely.
Privilege Escalation: Failure to drop privileges to the target user's UID/GID before opening and reading authorized_keys files historically allowed unprivileged clients to coerce the root daemon into accessing privileged or restricted paths.
Path Traversal: The scp client has been vulnerable to malicious servers writing arbitrary files or modifying local directories due to incomplete destination directory existence checks and weak validation of incoming filenames against glob patterns.