CVE-2025-5372
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| libssh | libssh | 0 < 0.11.2 | affected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:0.9.6-16.el8_10 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:0.9.6-16.el8_10 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 0:0.9.4-2.el8_4.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 0:0.9.4-2.el8_4.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 0:0.9.6-4.el8_6.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | 0:0.9.6-4.el8_6.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 0:0.9.6-13.el8_8.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 0:0.9.6-13.el8_8.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | 0:0.9.6-3.el9_0.2 < * | unaffected |
Weaknesses
- CWE-682: Incorrect Calculation
Workarounds
To mitigate this issue, administrators should ensure that libssh is built against OpenSSL version 3.0 or later. This change eliminates the return code mismatch and prevents the erroneous use of uninitialized key material. It is also strongly recommended to apply vendor supplied patches or update to the latest libssh security release as soon as possible.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://access.redhat.com/errata/RHSA-2025:21977
- https://access.redhat.com/errata/RHSA-2025:23024
- https://access.redhat.com/errata/RHSA-2026:20610
- https://access.redhat.com/errata/RHSA-2026:24349
- https://access.redhat.com/errata/RHSA-2026:25911
- https://access.redhat.com/security/cve/CVE-2025-5372
- https://bugzilla.redhat.com/show_bug.cgi?id=2369388
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.