Explore top 10 tips to secure your open-source projects now. Read More
×
libssh could be made to crash.
Software Description:
- libssh: A tiny C SSH library
Details:
Philippe Antoine discovered that libssh did not properly manage memory
when calculating a session id during the key exchange process. An attacker
could possibly use this issue to cause libssh to crash, resulting in a
denial of service.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libssh-4 0.11.2-1ubuntu0.1
Ubuntu 25.04
libssh-4 0.11.1-1ubuntu0.2
Ubuntu 24.04 LTS
libssh-4 0.10.6-2ubuntu0.2
libssh-gcrypt-4 0.10.6-2ubuntu0.2
Ubuntu 22.04 LTS
libssh-4 0.9.6-2ubuntu0.22.04.5
libssh-gcrypt-4 0.9.6-2ubuntu0.22.04.5
Ubuntu 20.04 LTS
libssh-4 0.9.3-2ubuntu2.5+esm2
Available with Ubuntu Pro
libssh-gcrypt-4 0.9.3-2ubuntu2.5+esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libssh-4 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm5
Available with Ubuntu Pro
libssh-gcrypt-4 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm5
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libssh-4 0.6.3-4.3ubuntu0.6+esm3
Available with Ubuntu Pro
libssh-gcrypt-4 0.6.3-4.3ubuntu0.6+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-7849-1
CVE-2025-8114
Get the latest Linux and open source security news straight to your inbox.