CVE-2025-5449

CVE-2025-5449

Name

CVE-2025-5449

Description

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2025-5449
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2369705
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=261612179f740bc62ba363d98b3bd5e5573a811f
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=3443aec90188d6aab9282afc80a81df5ab72c4da
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=5504ff40515439a5fecbb17da7483000c4d12eb7
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=78485f446af9b30e37eb8f177b81940710d54496
	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb
	https://www.libssh.org/security/advisories/CVE-2025-5449.txt

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2025-5449

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2369705

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=261612179f740bc62ba363d98b3bd5e5573a811f

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=3443aec90188d6aab9282afc80a81df5ab72c4da

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=5504ff40515439a5fecbb17da7483000c4d12eb7

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=78485f446af9b30e37eb8f177b81940710d54496

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb

https://www.libssh.org/security/advisories/CVE-2025-5449.txt

Match rules

CPE URI	Source package	Min version	Max version
	shopxo	>= 0.11.0	<= 0.11.1
`cpe:2.3:a:libssh:libssh:0.11.0:::::::*`	libssh	== None	== 0.11.0
`cpe:2.3:a:libssh:libssh:0.11.1:::::::*`	libssh	== None	== 0.11.1

CPE URI

Source package

Min version

Max version

shopxo

>= 0.11.0

<= 0.11.1

cpe:2.3:a:libssh:libssh:0.11.0:*:*:*:*:*:*:*

libssh

== None

== 0.11.0

cpe:2.3:a:libssh:libssh:0.11.1:*:*:*:*:*:*:*

libssh

== None

== 0.11.1

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libssh	edge-community	0.11.2-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libssh	edge-community	0.11.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
libssh	3.22-community	0.11.2-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libssh	3.22-community	0.11.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

libssh

edge-community

0.11.2-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

libssh

edge-community