PT-2025-26738 · Libssh+10

Ronald Crane · Published 2025-06-24 · Updated 2026-03-31 · CVE-2025-5318

CVSS v3.1: 8.1 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: libssh (affected versions not specified)
Description: A flaw in the libssh library can trigger an out-of-bounds read in the sftp handle function due to an incorrect comparison check. This allows the function to access memory beyond the valid handle list and return an invalid pointer, which is used in further processing. An authenticated remote attacker can potentially read unintended memory regions, exposing sensitive information or affecting service behavior.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Out of bounds Read

Related Identifiers

ALSA-2025:18231
ALSA-2025:18275
ALSA-2025:18286
ALSA-2025:20943
ALSA-2025:21013
ALT-PU-2025-10972
AZL-64346
AZL-64358
BDU:2025-09008
CESA-2025_18286
CVE-2025-5318
DLA-4385-1
INFSA-2025_18275
INFSA-2025_18286
INFSA-2025_20943
JLSEC-2025-96
OESA-2025-1707
OESA-2025-1804
OESA-2025-1805
OESA-2025-1806
OESA-2025-1807
OESA-2025-1808
OPENSUSE-SU-2025:15243-1
RHSA-2025:18231
RHSA-2025:18275
RHSA-2025:18286
RHSA-2025:19012
RHSA-2025:19098
RHSA-2025:19101
RHSA-2025:19400
RHSA-2025:19401
RHSA-2025:19470
RHSA-2025:19472
RHSA-2025:20943
RHSA-2025:21013
RHSA-2025_18275
RHSA-2025_18286
RHSA-2025_20943
SUSE-SU-2025:02229-1
SUSE-SU-2025:02278-1
SUSE-SU-2025:02279-1
SUSE-SU-2025:02281-1
SUSE-SU-2025:02755-1
SUSE-SU-2025:20557-1
SUSE-SU-2025:20596-1
SUSE-SU-2025_02229-1
SUSE-SU-2025_02278-1
SUSE-SU-2025_02279-1
SUSE-SU-2025_02281-1
SUSE-SU-2025_02755-1
USN-7619-1
USN-7696-1

Affected Products

ALT Linux
AlmaLinux
CentOS
Debian
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
libssh