
Debian LTS: libssh Critical Issues Addressed in DLA-4385-1

November 27, 2025
Critical libssh vulnerabilities have been addressed in Debian LTS DLA-4385-1. Upgrade recommended for improved security.
Several vulnerabilities have been found in libssh, a tiny C SSH library.

Summary

CVE-2025-4877

Ronald Crane found that bin_to_base64() could experience an integer
overflow and subsequent under-allocation, leading to an out-of-bounds
write on 32-bit builds.
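The defect class behind CVE-2025-4877 is an output-size calculation that wraps on a 32-bit size type, so the buffer handed to the encoder is smaller than what the encoder writes. The following is an added illustration, not libssh's code: it fixes the length type to 32 bits so the wrap-around can be reproduced on any host, shows the unchecked computation next to a checked one, and drives a small base64 encoder through the checked helper. All names (usize_t, b64_len_unchecked, b64_len_checked, b64_encode) are constructed for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Length type deliberately fixed to 32 bits so the wrap-around that only
 * affects 32-bit builds can be shown on any host (constructed for this
 * example; real code uses size_t). */
typedef uint32_t usize_t;
#define USIZE_MAX UINT32_MAX

/* Unchecked output-size computation. With len = 0xFFFFFFFE, len + 2 wraps
 * to 0, so the function reports that one byte suffices for ~4 GiB of input;
 * an encoder that then writes into a 1-byte buffer overruns it. */
static usize_t b64_len_unchecked(usize_t len)
{
    return (len + 2) / 3 * 4 + 1;           /* +1 for the NUL terminator */
}

/* Checked version: reject any input whose encoded size (plus NUL) cannot be
 * represented. For len <= max_in neither len + 2 nor the * 4 can wrap. */
static bool b64_len_checked(usize_t len, usize_t *out)
{
    const usize_t max_in = (USIZE_MAX - 1) / 4 * 3;
    if (len > max_in)
        return false;
    *out = (len + 2) / 3 * 4 + 1;
    return true;
}

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Encoder that sizes its buffer through the checked helper and therefore
 * never allocates less than it writes. Returns NULL on oversize input or
 * allocation failure; the caller frees the result. */
static char *b64_encode(const uint8_t *in, usize_t len)
{
    usize_t need, i = 0, o = 0;
    if (!b64_len_checked(len, &need))
        return NULL;
    char *out = malloc(need);
    if (out == NULL)
        return NULL;

    while (len - i >= 3) {
        uint32_t v = (uint32_t)in[i] << 16 | (uint32_t)in[i + 1] << 8 | in[i + 2];
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = B64[(v >> 6) & 63];
        out[o++] = B64[v & 63];
        i += 3;
    }
    if (len - i == 1) {                      /* one trailing byte: "xx==" */
        uint32_t v = (uint32_t)in[i] << 16;
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = '=';
        out[o++] = '=';
    } else if (len - i == 2) {               /* two trailing bytes: "xxx=" */
        uint32_t v = (uint32_t)in[i] << 16 | (uint32_t)in[i + 1] << 8;
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = B64[(v >> 6) & 63];
        out[o++] = '=';
    }
    out[o] = '\0';                           /* o == need - 1 */
    return out;
}
```

The bound `max_in = (USIZE_MAX - 1) / 4 * 3` is the largest input for which `(len + 2) / 3 * 4 + 1` stays below the type's maximum, so the check is exact rather than a loose heuristic; on a 64-bit build the same arithmetic with size_t is equally sound, the difference is only that realistic inputs never approach the bound.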

CVE-2025-4878

Ronald Crane found that privatekey_from_file() used an uninitialized
variable under certain conditions, which could lead to signing
failure, use-after-free or memory corruption.

CVE-2025-5318

Ronald Crane found that sftp_handle() had an incorrect check, which
could lead to an out-of-bounds read.

CVE-2025-5372

Ronald Crane found that ssh_kdf() returned a success code on
certain failures, which could lead to the use of uninitialized
cryptographic keys and a failure to encrypt/decrypt the communication
that follows.
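The pattern described for CVE-2025-5372 is a key-derivation routine whose error path returns the "success" status code, so the caller proceeds with a key buffer that was never written. The following added example is constructed for this page and is not libssh's ssh_kdf(): it uses a toy, non-cryptographic digest (toy_digest) and a simulated backend failure flag, and places the buggy control flow (rc preset to success, error path jumps to cleanup) beside a corrected version that defaults to failure and zeroes the output buffer on error. All function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define KDF_OK    0
#define KDF_ERROR (-1)

/* Toy 4-byte digest standing in for the hash a real KDF drives. It is NOT
 * a cryptographic hash (FNV-style mixing, constructed for this example).
 * 'backend_fails' models an allocation or provider error inside the crypto
 * library: on failure nothing is written to 'out'. */
static int toy_digest(const uint8_t *in, size_t len, uint8_t out[4],
                      int backend_fails)
{
    if (backend_fails)
        return KDF_ERROR;
    uint32_t h = 0x811c9dc5u;
    for (size_t i = 0; i < len; i++)
        h = (h ^ in[i]) * 0x01000193u;
    out[0] = (uint8_t)(h >> 24); out[1] = (uint8_t)(h >> 16);
    out[2] = (uint8_t)(h >> 8);  out[3] = (uint8_t)h;
    return KDF_OK;
}

/* Shared expansion loop: digest(key || counter) blocks until 'outlen' bytes
 * are produced. Returns the first backend error, or KDF_OK. */
static int expand(const uint8_t *key, size_t klen, uint8_t *out,
                  size_t outlen, int backend_fails)
{
    uint8_t buf[64], block[4];
    size_t n = klen < sizeof buf - 1 ? klen : sizeof buf - 1;
    memcpy(buf, key, n);
    for (size_t done = 0, ctr = 0; done < outlen; ctr++) {
        buf[n] = (uint8_t)ctr;
        if (toy_digest(buf, n + 1, block, backend_fails) != KDF_OK)
            return KDF_ERROR;
        size_t take = outlen - done < 4 ? outlen - done : 4;
        memcpy(out + done, block, take);
        done += take;
    }
    return KDF_OK;
}

/* Buggy shape: rc is preset to KDF_OK and the error path jumps to cleanup
 * without updating it, so the caller is told the key was derived while
 * 'out' was never written. */
static int kdf_buggy(const uint8_t *key, size_t klen, uint8_t *out,
                     size_t outlen, int backend_fails)
{
    int rc = KDF_OK;
    uint8_t kcopy[64];
    size_t n = klen < sizeof kcopy ? klen : sizeof kcopy;
    memcpy(kcopy, key, n);                 /* local working copy */
    if (expand(kcopy, n, out, outlen, backend_fails) != KDF_OK)
        goto cleanup;                      /* bug: rc still says KDF_OK */
    rc = KDF_OK;
cleanup:
    memset(kcopy, 0, sizeof kcopy);        /* wipe key material */
    return rc;
}

/* Corrected shape: the status defaults to failure and is only upgraded to
 * success after every step succeeded; on error the output buffer is zeroed
 * so a caller that ignores the return value never uses stale bytes. */
static int kdf_fixed(const uint8_t *key, size_t klen, uint8_t *out,
                     size_t outlen, int backend_fails)
{
    int rc = KDF_ERROR;                    /* pessimistic default */
    uint8_t kcopy[64];
    size_t n = klen < sizeof kcopy ? klen : sizeof kcopy;
    memcpy(kcopy, key, n);
    if (expand(kcopy, n, out, outlen, backend_fails) != KDF_OK) {
        memset(out, 0, outlen);            /* never hand back indeterminate bytes */
        goto cleanup;
    }
    rc = KDF_OK;
cleanup:
    memset(kcopy, 0, sizeof kcopy);
    return rc;
}
```

The two defensive habits shown are independent: initialising the status to the failure value makes a forgotten assignment fail closed, and clearing the output on error protects callers that check nothing at all. Reviewing a KDF or cipher-setup routine for both is a cheap way to catch this bug class before it reaches a release.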

CVE-2025-8114

Philippe Antoine found a null pointer dereference when libssh
calculates the session id for the key exchange (KEX) process and an
error occurs while allocating memory with cryptographic functions,
leading to a crash.

CVE-2025-8277



Severity: critical

Package: libssh
Version: 0.9.8-0+deb11u2
CVE ID: CVE-2025-4877 CVE-2025-4878 CVE-2025-5318 CVE-2025-5372
Debian Bug: 1108407 1109860 1114859
