EUVD-2025-19931CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4DescriptionNVD
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success-the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
AnalysisAI
A security vulnerability in libssh (CVSS 5.0). Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor. Affects libssh.
RemediationAI
Monitor vendor channels for patch availability.
Vendor StatusVendor
Ubuntu
Priority: Medium| Release | Status | Version |
|---|---|---|
| jammy | released | 0.9.6-2ubuntu0.22.04.4 |
| noble | released | 0.10.6-2ubuntu0.1 |
| oracular | released | 0.10.6-3ubuntu1.1 |
| plucky | released | 0.11.1-1ubuntu0.1 |
| upstream | released | 0.11.2 |
| xenial | ignored | changes too intrusive |
| bionic | ignored | changes too intrusive |
| focal | ignored | changes too intrusive |
Debian
Bug #1108407| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | fixed | 0.9.8-0+deb11u2 | - |
| bullseye (security) | fixed | 0.9.8-0+deb11u2 | - |
| bookworm | fixed | 0.10.6-0+deb12u2 | - |
| bookworm (security) | vulnerable | 0.10.6-0+deb12u1 | - |
| trixie | fixed | 0.11.2-1+deb13u1 | - |
| forky | fixed | 0.11.3-1 | - |
| sid | fixed | 0.12.0-1 | - |
| (unstable) | fixed | 0.11.2-1 | - |
Share
External POC / Exploit Code
Leaving vuln.today