CVE-2025-5987Return of Wrong Status Code in Libssh

CWE-393Return of Wrong Status Code9 documents8 sources
Severity
8.1HIGHNVD
OSV4.5
EPSS
0.1%
top 77.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LibsshDebian LibsshMsrc Azl3 Libssh 0.10.6-1 ON Azure Linux 3.0+3 more
Timeline
PublishedJul 7
Latest updateJan 15

Description

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages8 packages

NVDlibssh/libssh0.10.00.11.2
debiandebian/libssh< libssh 0.10.6-0+deb12u2 (bookworm)
Debianlibssh/libssh< 0.10.6-0+deb12u2+2
Ubuntulibssh/libssh< 0.9.6-2ubuntu0.22.04.4+1

🔴Vulnerability Details

3
OSV
libssh vulnerabilities2025-07-07
GHSA
GHSA-3pvj-q7qj-89fg: A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library2025-07-07
OSV
CVE-2025-5987: A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library2025-07-07

📋Vendor Advisories

5
Oracle
Oracle Oracle Communications Risk Matrix: Routing (libssh) — CVE-2025-59872026-01-15
Microsoft
Libssh: invalid return code for chacha20 poly1305 with openssl backend2025-07-08
Ubuntu
libssh vulnerabilities2025-07-07
Red Hat
libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend2025-04-26
Debian
CVE-2025-5987: libssh - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL libra...2025
CVE-2025-5987 — Return of Wrong Status Code in Libssh | cvebase