#VU115171 Double free in libssh - CVE-2025-5351

Cybersecurity Help s.r.o.

Published: 2025-09-12

Vulnerability identifier: #VU115171

Vulnerability risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-5351

CWE-ID: CWE-415

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libssh
Universal components / Libraries / Libraries used by multiple products

Vendor: libssh

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the internal function responsible for converting cryptographic keys into serialized formats. A remote user can trigger a double free error and perform a denial of service attack in low-memory scenarios.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libssh: 0.3.0 - 0.10.0

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2369367

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for libssh

openEuler 24.03 LTS update for libssh

Anolis OS update for libssh

openEuler 24.03 LTS SP1 update for libssh

Fedora 41 update for libssh

Denial of service in libssh