CVE-2025-5449 — Integer Overflow or Wraparound in Libssh

CWE-190 — Integer Overflow or Wraparound8 documents7 sources

Severity

6.5MEDIUMNVD

OSV4.5

EPSS

0.2%

top 55.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh

Timeline

PublishedJul 25

Description

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶Debianlibssh/libssh< 0.11.2-1+1

▶Ubuntulibssh/libssh< 0.9.6-2ubuntu0.22.04.4+1

▶NVDlibssh/libssh0.11.0, 0.11.1+1

Patches

Patch: git.libssh.org ↗Patch: git.libssh.org ↗Patch: git.libssh.org ↗

🔴Vulnerability Details

GHSA

GHSA-q9x7-4rf7-4xq2: A flaw was found in the SFTP server message decoding logic of libssh↗2025-07-25

▶

CVEList

Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service↗2025-07-25

▶

OSV

CVE-2025-5449: A flaw was found in the SFTP server message decoding logic of libssh↗2025-07-25

▶

OSV

libssh vulnerabilities↗2025-07-07

▶

📋Vendor Advisories

Ubuntu

libssh vulnerabilities↗2025-07-07

▶

Red Hat

libssh: Integer Overflow in libssh SFTP Server Packet Length Validation Leading to Denial of Service↗2025-06-24

▶

Debian

CVE-2025-5449: libssh - A flaw was found in the SFTP server message decoding logic of libssh. The issue ...↗2025

▶