1815 matches found
AZL-67095 CVE-2025-8277 affecting package libssh for versions less than 0.10.6-4
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
UBUNTU-CVE-2025-8277
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277 Libssh: memory exhaustion via repeated key exchange in libssh
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277
CVE-2025-8277 is a libssh issue where the KEX memory is not freed during repeated incorrect KEX guesses, causing a memory leak that can crash the client. Connected sources confirm this vulnerability and note fixes/newer releases. Affected versions include libssh prior to the patched line (e.g., u...
CVE-2025-8277 Libssh: memory exhaustion via repeated key exchange in libssh
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
CVE-2025-8277
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
libssh 安全漏洞
libssh is a C development package from the libssh organization for accessing SSH services, which is capable of executing remote commands, file transfers, as well as providing a secure transport channel for remote programs. A security vulnerability exists in libssh that stems from memory not being...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the key exchange process. An attacker can cause gradual memory exhaustion and potential application crashes by repeatedly initiating key exchanges with incorrect guesses as an...
Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2025-1155)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1155 advisory. The privatekeyfromfile uses an uninitialized variable under certainconditions, such as if the file specified by the filename argument doesn'texist. This causes the code to return an invalid...
OESA-2025-2131 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
OESA-2025-2130 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
OESA-2025-2129 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
Libssh: use of uninitialized variable in privatekey_from_file()
...
: null pointer dereference in libssh kex session id calculation
...
Libssh: write beyond bounds in binary to base64 conversion functions
...
Photon OS 5.0: Libssh PHSA-2025-5.0-0597
An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0597. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2023-1667
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of...