Security Bulletin: Vulnerabilities in libssh affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the libssh component affect IBM Storage Virtualize products and could cause denial of service and confidentiality impacts. CVE-2023-1667 CVE-2023-2283. Vulnerability Details CVEID:CVE-2023-1667 DESCRIPTION: A NULL pointer dereference was found In libssh during re-keying...

[SECURITY] Fedora 42 Update: libssh-0.11.2-1.fc42

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

The vulnerability of the pki_key_to_blob() function in the libssh library allows a hacker to disclose sensitive information or cause service failures.

The vulnerability of the pkikeytoblob function in the libssh library is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures...

The vulnerability of the ssh_get_fingerprint_hash() function in the libssh library allows a hacker to execute arbitrary code.

The vulnerability of the sshgetfingerprinthash function in the libssh library is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the privatekey_from_file() function in the libssh library allows a hacker to disclose sensitive information or cause service failures.

The vulnerability of the privatekeyfromfile function in the libssh library is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures...

The vulnerability of the ssh_kdf() function in the libssh library, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the sshkdf function in the libssh library is related to improper handling of code generation. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Fedora: Security Advisory (FEDORA-2025-69acb71145)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : libssh (2025-69acb71145)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-69acb71145 advisory. New upstream release fixing various security issues and bugs Tenable has extracted the preceding description block directly from the Fedora security advisory...

UBUNTU-CVE-2025-4878

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption...

UBUNTU-CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

Slackware Linux 15.0 / current libssh Multiple Vulnerabilities (SSA:2025-175-01)

The version of libssh installed on the remote host is prior to 0.11.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-175-01 advisory. New libssh packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the precedin...

UBUNTU-CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

UBUNTU-CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

UBUNTU-CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

SUSE CVE-2025-4877

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash function. In such cases the bintobase64 function can experience an integer overflow leading to a memory under allocation, when that happens it's possibl...

SUSE CVE-2025-4878

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption...

SUSE CVE-2025-5318

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...

SUSE CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

SUSE CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

SUSE CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...