CVE-2025-5351

Name
CVE-2025-5351
Description
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
NVD Severity
unknown

References

Type                 URI
vdb-entry            https://access.redhat.com/security/cve/CVE-2025-5351
issue-tracking       https://bugzilla.redhat.com/show_bug.cgi?id=2369367
secalert@redhat.com  https://access.redhat.com/errata/RHSA-2026:18683

Match rules

CPE URI                                  Source package  Min version  Max version
cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*  libssh          >= 0.10.0    < 0.11.2

Vulnerable and fixed packages

Source package  Branch          Version    Maintainer                          Status
libssh          edge-community  0.11.2-r0  Natanael Copa <ncopa@alpinelinux.org>  fixed
libssh          edge-community  0.11.1-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libssh          edge-community  0.10.6-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libssh          3.22-community  0.11.2-r0  Natanael Copa <ncopa@alpinelinux.org>  fixed
libssh          3.22-community  0.11.1-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libssh          3.22-community  0.10.6-r0  None                                possibly vulnerable