CVE-2025-4878 — Use After Free in Libssh

CWE-416 — Use After Free10 documents7 sources

Severity

3.6LOWNVD

OSV4.5

EPSS

0.0%

top 91.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh Debian Libssh Msrc Azl3 Libssh 0.10.6-2 ON Azure Linux 3.0 +3 more

Timeline

PublishedJul 22

Latest updateAug 14

Description

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 1.0 | Impact: 2.5

Affected Packages7 packages

▶debiandebian/libssh< libssh 0.10.6-0+deb12u2 (bookworm)

▶Debianlibssh/libssh< 0.9.8-0+deb11u2+3

▶Ubuntulibssh/libssh< 0.9.6-2ubuntu0.22.04.4+4

▶msrcmsrc/azl3_libssh_0.10.6-2_on_azure_linux_3.0

▶msrcmsrc/azl3_libssh_0.10.6-3_on_azure_linux_3.0

🔴Vulnerability Details

OSV

libssh vulnerabilities↗2025-08-14

▶

GHSA

GHSA-q2fw-m52x-w593: A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function↗2025-07-22

▶

OSV

CVE-2025-4878: A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function↗2025-07-22

▶

OSV

libssh vulnerabilities↗2025-07-07

▶

📋Vendor Advisories

Ubuntu

libssh vulnerabilities↗2025-08-14

▶

Microsoft

Libssh: use of uninitialized variable in privatekey_from_file()↗2025-07-08

▶

Ubuntu

libssh vulnerabilities↗2025-07-07

▶

Red Hat

libssh: Use of uninitialized variable in privatekey_from_file()↗2025-06-24

▶

Debian

CVE-2025-4878: libssh - A vulnerability was found in libssh, where an uninitialized variable exists unde...↗2025

▶