{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"libssh security update", "category":"general", "title":"Synopsis" }, { "text":"An update for libssh is now available for openEuler-24.03-LTS-SP2", "category":"general", "title":"Summary" }, { "text":"The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote programs. With its Secure FTP implementation, you can play with remote files easily, without third-party programs others than libcrypto (from openssl).\n\nSecurity Fix(es):\n\nA vulnerability classified as critical was found in libssh up to 0.11.1.The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 0.11.2 eliminates this vulnerability.(CVE-2025-4877)\n\nA vulnerability, which was classified as problematic, has been found in libssh up to 0.11.1.Using CWE to declare the problem leads to CWE-824. The product accesses or uses a pointer that has not been initialized.Impacted is confidentiality, integrity, and availability.Upgrading to version 0.11.2 eliminates this vulnerability.(CVE-2025-4878)\n\nA flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.(CVE-2025-5351)\n\nA flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.(CVE-2025-5372)\n\nA flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.(CVE-2025-5987)", "category":"general", "title":"Description" }, { "text":"An update for libssh is now available for openEuler-24.03-LTS-SP2.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"libssh", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-2127", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" }, { "summary":"CVE-2025-4877", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-4877&packageName=libssh" }, { "summary":"CVE-2025-4878", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-4878&packageName=libssh" }, { "summary":"CVE-2025-5351", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-5351&packageName=libssh" }, { "summary":"CVE-2025-5372", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-5372&packageName=libssh" }, { "summary":"CVE-2025-5987", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-5987&packageName=libssh" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4877" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4878" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5351" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5372" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5987" }, { "summary":"openEuler-SA-2025-2127 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-2127.json" } ], "title":"An update for libssh is now available for openEuler-24.03-LTS-SP2", "tracking":{ "initial_release_date":"2025-09-05T20:43:51+08:00", "revision_history":[ { "date":"2025-09-05T20:43:51+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-09-05T20:43:51+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-09-05T20:43:51+08:00", "id":"openEuler-SA-2025-2127", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"openEuler-24.03-LTS-SP2", "name":"openEuler-24.03-LTS-SP2" }, "name":"openEuler-24.03-LTS-SP2", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-0.10.5-5.oe2403sp2.aarch64.rpm", "name":"libssh-0.10.5-5.oe2403sp2.aarch64.rpm" }, "name":"libssh-0.10.5-5.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64.rpm", "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64.rpm" }, "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-debugsource-0.10.5-5.oe2403sp2.aarch64.rpm", "name":"libssh-debugsource-0.10.5-5.oe2403sp2.aarch64.rpm" }, "name":"libssh-debugsource-0.10.5-5.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-devel-0.10.5-5.oe2403sp2.aarch64.rpm", "name":"libssh-devel-0.10.5-5.oe2403sp2.aarch64.rpm" }, "name":"libssh-devel-0.10.5-5.oe2403sp2.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-0.10.5-5.oe2403sp2.src.rpm", "name":"libssh-0.10.5-5.oe2403sp2.src.rpm" }, "name":"libssh-0.10.5-5.oe2403sp2.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-0.10.5-5.oe2403sp2.x86_64.rpm", "name":"libssh-0.10.5-5.oe2403sp2.x86_64.rpm" }, "name":"libssh-0.10.5-5.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64.rpm", "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64.rpm" }, "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-debugsource-0.10.5-5.oe2403sp2.x86_64.rpm", "name":"libssh-debugsource-0.10.5-5.oe2403sp2.x86_64.rpm" }, "name":"libssh-debugsource-0.10.5-5.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-devel-0.10.5-5.oe2403sp2.x86_64.rpm", "name":"libssh-devel-0.10.5-5.oe2403sp2.x86_64.rpm" }, "name":"libssh-devel-0.10.5-5.oe2403sp2.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"noarch", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"libssh-help-0.10.5-5.oe2403sp2.noarch.rpm", "name":"libssh-help-0.10.5-5.oe2403sp2.noarch.rpm" }, "name":"libssh-help-0.10.5-5.oe2403sp2.noarch.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-0.10.5-5.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "name":"libssh-0.10.5-5.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-debugsource-0.10.5-5.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "name":"libssh-debugsource-0.10.5-5.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-devel-0.10.5-5.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "name":"libssh-devel-0.10.5-5.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-0.10.5-5.oe2403sp2.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "name":"libssh-0.10.5-5.oe2403sp2.src as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-0.10.5-5.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "name":"libssh-0.10.5-5.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "name":"libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-debugsource-0.10.5-5.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "name":"libssh-debugsource-0.10.5-5.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-devel-0.10.5-5.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "name":"libssh-devel-0.10.5-5.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"libssh-help-0.10.5-5.oe2403sp2.noarch.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch", "name":"libssh-help-0.10.5-5.oe2403sp2.noarch as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2025-4877", "notes":[ { "text":"A vulnerability classified as critical was found in libssh up to 0.11.1.The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 0.11.2 eliminates this vulnerability.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ], "details":"libssh security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.5, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-4877" }, { "cve":"CVE-2025-4878", "notes":[ { "text":"A vulnerability, which was classified as problematic, has been found in libssh up to 0.11.1.Using CWE to declare the problem leads to CWE-824. The product accesses or uses a pointer that has not been initialized.Impacted is confidentiality, integrity, and availability.Upgrading to version 0.11.2 eliminates this vulnerability.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ], "details":"libssh security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.6, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-4878" }, { "cve":"CVE-2025-5351", "notes":[ { "text":"A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ], "details":"libssh security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-5351" }, { "cve":"CVE-2025-5372", "notes":[ { "text":"A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ], "details":"libssh security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.8, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-5372" }, { "cve":"CVE-2025-5987", "notes":[ { "text":"A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ], "details":"libssh security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2127" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.1, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.src", "openEuler-24.03-LTS-SP2:libssh-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debuginfo-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-debugsource-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-devel-0.10.5-5.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:libssh-help-0.10.5-5.oe2403sp2.noarch" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-5987" } ] }