[slackware-security] libssh
New libssh packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libssh-0.11.2-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Write beyond bounds in binary to base64 conversion. Us...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
DEBIAN-CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
AZL-64358 CVE-2025-5318 affecting package libssh for versions less than 0.10.6-2
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
AZL-64346 CVE-2025-5318 affecting package libssh for versions less than 0.10.6-2
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
UBUNTU-CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
CVE-2025-5318 : A flaw in libssh before 0.11.2 allows an authenticated remote attacker to trigger an out-of-bounds read in sftp_handle() due to an incorrect comparison, potentially reading memory beyond the valid handle list and returning an invalid pointer. Documented impacts include confidentia...
CVE-2025-5318
A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318 Libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318 Libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to incorrect validity check in the sftp_decode_channel_data_to_packet function. An attacker can cause the server to crash by sending specially crafted SFTP packets with payload size field set to value...
Out-of-bounds Write
Overview: Affected versions of this package are vulnerable to Out-of-bounds Write in the bin_to_base64 function in base64.c. An attacker can cause memory corruption by supplying very large input to ssh_get_fingerprint_hash. Note: This is only exploitable on 32-bit systems. Remediation: Upgrade libssh to...
Double Free
Overview: Affected versions of this package are vulnerable to Double Free via the pki_key_to_blob function when built with OpenSSL versions older than 3.0. The issue can lead to heap corruption or application instability during error handling in low-memory environments. Workaround: This vulnerability...
Use of a Broken or Risky Cryptographic Algorithm
Overview: Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the ssh_kdf function when built with OpenSSL versions older than 3.0. An attacker can compromise the confidentiality, integrity, and availability of SSH sessions by triggering...
libssh buffer error vulnerability
libssh is a C development package from the libssh organization for accessing SSH services, which is capable of executing remote commands, file transfers, as well as providing a secure transport channel for remote programs. A buffer error vulnerability exists in libssh that stems from an...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the sftp_handle function due to an incorrect comparison check that allows access to memory beyond the valid handle list, resulting in the return of an invalid pointer used in further processing. An attacker can acce...
PT-2025-26738
Name of the Vulnerable Software and Affected Versions: libssh affected versions not specified Description: A flaw in the libssh library can trigger an out-of-bounds read in the sftp handle function due to an incorrect comparison check. This allows the function to access memory beyond the valid...