CVE-2025-5372

Medium CVSS: 5.0

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

Vendor

Libssh

Product

Libssh

CWE

CWE-682

Yayın Tarihi

2025-07-04 06:15:24

Güncelleme

2025-12-10 19:16:14

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-682 Libssh MEDIUM Libssh 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:21977 https://access.redhat.com/errata/RHSA-2025:23024 https://access.redhat.com/security/cve/CVE-2025-5372 https://bugzilla.redhat.com/show_bug.cgi?id=2369388

Benzer Kayıtlar

Critical

CVE-2026-0968

A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a m…

Low

CVE-2026-0965

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker c…

Medium

CVE-2026-0967

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could cra…

Medium

CVE-2026-3731

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sft…

Medium

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length…

Medium

CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key e…