-------------------------------------------------------------------------
Debian LTS Advisory DLA-4385-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
November 27, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : libssh
Version : 0.9.8-0+deb11u2
CVE ID : CVE-2025-4877 CVE-2025-4878 CVE-2025-5318 CVE-2025-5372
 CVE-2025-8114 CVE-2025-8277
Debian Bug : 1108407 1109860 1114859
Several vulnerabilities have been found in libssh, a tiny C SSH library.
CVE-2025-4877
 Ronald Crane found that bin_to_base64() could experience an integer
 overflow and subsequent under allocation, leading to an out of
 bounds write on 32-bit builds.
CVE-2025-4878
 Ronald Crane found that privatekey_from_file() used an uninitialized
 variable under certain conditions, which could lead to signing
 failure, use-after-free or memory corruption.
CVE-2025-5318
 Ronald Crane found that sftp_handle() had an incorrect check, which
 could lead to an out of bounds read.
CVE-2025-5372
 Ronald Crane found that ssh_kdf() returned a success code on
 certain failures, which could lead to use of uninitialized
 cryptographic keys and failing to encrypt/decrypt following
 communication.
CVE-2025-8114
 Philippe Antoine found a null pointer dereference issue when libssh
 calculates the session id for the key exchange (KEX) process and an
 error happens when allocating memory using cryptographic functions,
 leading to a crash.
CVE-2025-8277
 Francesco Rollo found a memory leak during the KEX process when a client
 sets the `first_kex_packet_follows` flag in the KEXINIT message and
 repeatedly makes incorrect KEX guesses.
For Debian 11 bullseye, these problems have been fixed in version
0.9.8-0+deb11u2.
We recommend that you upgrade your libssh packages.
For the detailed security status of libssh please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libssh
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
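The following is an added example, not code from libssh or from this advisory, illustrating the bug class behind CVE-2025-4877 (an integer overflow in a base64 output-size computation followed by under-allocation): the unchecked formula wraps on a 32-bit size_t, the checked formula rejects such inputs, and the encoder refuses to write into a buffer smaller than the checked size. A 32-bit size_t is emulated with uint32_t so the wrap reproduces on any host; all function names are assumed for illustration.

```c
#include <stdint.h>
#include <string.h>
/* Added example, not libssh code: a 32-bit size_t is emulated with uint32_t
 * so the overflow below reproduces on a 64-bit host as well. */
typedef uint32_t size32_t;
#define SIZE32_MAX UINT32_MAX
static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Output size (4 chars per 3 input bytes, plus NUL) with no overflow check:
 * for large len the intermediate wraps modulo 2^32, so the caller would
 * allocate a tiny buffer and the encoder would then write far past it. */
size32_t b64_size_unchecked(size32_t len)
{
    return ((len + 2u) / 3u) * 4u + 1u;
}
/* Same formula, but a len whose result is unrepresentable yields 0, which
 * is never a valid size, so the caller has to refuse the input. */
size32_t b64_size_checked(size32_t len)
{
    size32_t groups;
    if (len > SIZE32_MAX - 2u) return 0;           /* len + 2 would wrap */
    groups = (len + 2u) / 3u;
    if (groups > (SIZE32_MAX - 1u) / 4u) return 0; /* groups * 4 + 1 would wrap */
    return groups * 4u + 1u;
}
/* Encoder that recomputes the checked size and refuses to write when the
 * caller's buffer is smaller than it.  Returns 0 on success, -1 otherwise. */
int b64_encode(const uint8_t *in, size32_t len, char *out, size32_t out_size)
{
    size32_t need = b64_size_checked(len), i, o = 0;
    if (need == 0 || out_size < need) return -1;
    for (i = 0; i < len; i += 3) {
        uint32_t n = (uint32_t)in[i] << 16;
        if (i + 1 < len) n |= (uint32_t)in[i + 1] << 8;
        if (i + 2 < len) n |= in[i + 2];
        out[o++] = B64[(n >> 18) & 63];
        out[o++] = B64[(n >> 12) & 63];
        out[o++] = (i + 1 < len) ? B64[(n >> 6) & 63] : '=';
        out[o++] = (i + 2 < len) ? B64[n & 63] : '=';
    }
    out[o] = '\0';
    return 0;
}
/* Encode a short input into a fixed 64-byte buffer; NULL means the checked
 * size did not fit, i.e. the under-allocation was caught, not written. */
const char *b64_short(const uint8_t *in, size32_t len)
{
    static char buf[64];
    return b64_encode(in, len, buf, sizeof buf) == 0 ? buf : NULL;
}
```

On a real 32-bit build the same wrap happens with size_t itself, which is why the size computation and the allocation it feeds must both be checked before any write.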