Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable, but the victim must connect to a malicious server and the attacker must shape an uninitialized pointer (AC:H); no authentication required (PR:N); the primary impact is a crash/DoS (VA:H), with limited integrity impact (VI:L) and no confidentiality impact (VC:N).
Primary rating from Vendor (VulnCheck); the CVSS vector above is the VulnCheck vector.
Description (CVE.org)
libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey subsystem can use a malformed response to make cleanup free an uninitialized, attacker-influenceable attrs pointer in a connecting libssh2 client.
Analysis (AI)
Free of an uninitialized, attacker-influenceable pointer in libssh2 through 1.11.1 allows a malicious SSH server to corrupt memory in any connecting client that uses the publickey subsystem. The publickey list is grown via SSH2_REALLOC without zero-initializing new entries, so a server-induced parse failure that reaches the cleanup path causes libssh2_publickey_list_free to operate on an uninitialized attrs pointer. …
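The grow-then-cleanup pattern the description and analysis refer to, as an added example that is not libssh2's code: a hypothetical entry with a name and an attrs field, grown one slot at a time with realloc, where the new slot is zeroed before parsing so that a parse failure on a malformed entry reaches the cleanup path with a NULL rather than an uninitialized attrs pointer. The struct and function names and the constructed server response are assumptions.

```c
#define _POSIX_C_SOURCE 200809L          /* strdup */
#include <stdlib.h>
#include <string.h>

/* Hypothetical list entry (not libssh2's real struct); attrs is the pointer
 * the cleanup path frees. count covers every slot cleanup will walk. */
typedef struct { char *name; char *attrs; } pk_entry;
typedef struct { pk_entry *entries; size_t count; } pk_list;

/* Cleanup path. free(NULL) is a no-op, so this is only safe when every
 * counted slot was zeroed before parsing touched it. */
void pk_list_free(pk_list *list)
{
    for (size_t i = 0; i < list->count; i++) {
        free(list->entries[i].name);
        free(list->entries[i].attrs);
    }
    free(list->entries);
    list->entries = NULL;
    list->count = 0;
}

/* Grow by one slot and zero it. Without the memset this is the CWE-908
 * pattern from the description: realloc leaves the new slot undefined, so a
 * parse failure on it would hand leftover bytes to free(). */
static pk_entry *pk_list_grow(pk_list *list)
{
    pk_entry *tmp = realloc(list->entries, (list->count + 1) * sizeof *tmp);
    if (!tmp)
        return NULL;
    list->entries = tmp;
    memset(&tmp[list->count], 0, sizeof *tmp);   /* the fix */
    return &tmp[list->count++];
}

/* Parse a constructed server response: names[i] is a key name, NULL stands in
 * for a malformed entry. Returns 0 on success or -1 after running cleanup. */
int pk_list_parse(pk_list *list, const char *const *names, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        pk_entry *e = pk_list_grow(list);
        if (!e || !names[i] || !(e->name = strdup(names[i])) ||
            !(e->attrs = strdup("attrs"))) {      /* stand-in for parsed data */
            pk_list_free(list);   /* safely frees the half-parsed slot too */
            return -1;
        }
    }
    return 0;
}
```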
Attack Chain (AI-derived)
Hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires that the victim is a libssh2 client (version ≤ 1.11.1) that initiates an SSH connection to a server the attacker controls or has compromised, and that the connection uses the publickey subsystem so the vulnerable list-growth code in publickey.c is exercised. … |
| Risk Assessment | This is a genuine, prioritize-worthy client-side risk because exploitation is network-reachable with no authentication (PR:N, UI:N) and public PoC code exists, but several signals temper it. … |
| Exploit Scenario | An attacker stands up or compromises an SSH server and lures or coerces a libssh2-based client (for example an automation job, sync tool, or appliance) into connecting and negotiating the publickey subsystem. The server returns a deliberately malformed publickey response that forces a parse failure into the cleanup path, causing the client to free an uninitialized attrs pointer; publicly available PoC code demonstrates triggering this calc/cleanup flaw. … |
| Remediation | No vendor-released patched version is identified in the provided data; the references point to the upstream source file (src/publickey.c) and the VulnCheck advisory rather than a tagged release, so the released patched version is not independently confirmed. Track the VulnCheck advisory (https://www.vulncheck.com/advisories/libssh2-free-of-uninitialized-pointer-in-publickey-list-cleanup) and the libssh2 project for a fixed tag above 1.11.1, upgrade as soon as it ships, then rebuild and redeploy all downstream software linked against libssh2. … |
Recommended Action (AI)
24 hours: Identify all applications and systems using libssh2 versions 1.11.1 and earlier; audit SSH server connections and restrict to trusted internal infrastructure only. …
Same weakness: CWE-908 – Use of Uninitialized Resource
Same technique: Information Disclosure
Vendor Status
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | vulnerable | 1.9.0-2+deb11u1 | - |
| bookworm | vulnerable | 1.10.0-3 | - |
| trixie | vulnerable | 1.11.1-1 | - |
| trixie (security) | vulnerable | 1.11.1-1+deb13u1 | - |
| forky, sid | vulnerable | 1.11.1-4 | - |
| (unstable) | fixed | (unfixed) | - |
EUVD-2026-39971
GHSA-c5f3-hwj2-xp5p