SUSE SLES12 Security Update : libssh (SUSE-SU-2025:4408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:4408-1 advisory. - CVE-2025-8114: Fixed a NULL pointer dereference when calculating session ID during KEX. bsc1246974 Tenable has extracted the preceding description...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libssh (UTSA-2025-990912)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990912 advisory. A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : libssh vulnerability (USN-7849-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7849-1 advisory. Philippe Antoine discovered that libssh did not properly manage memory when calculating a session ...

USN-7849-1: libssh vulnerability

Philippe Antoine discovered that libssh did not properly manage memory when calculating a session id during the key exchange process. An attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...

SUSE-SU-2025:3787-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. - CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-8114: Fixed NULL pointer dereference when calculating the session ID during the key exchange KEX process bsc1246974 CVE-2025-8277: Fixed Memory Exhaustion via Repeated Key Exchange bsc1249375 Patch Instructions: To install this SUSE upda...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...

SUSE-SU-2025:03369-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. - CVE-2025-8114: NULL pointer dereference when an allocation error happens during the...

SUSE CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...

CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...

CVE-2025-8114

Consolidated details for CVE-2025-8114 show a NULL pointer dereference in libssh during KEX session ID calculation caused by an allocation failure in cryptographic functions, leading to client or server crashes. Publicly documented fixes exist across multiple distributions: Debian LTS notes a fix...

libssh 代码问题漏洞

libssh is a C development package from the libssh organization for accessing SSH services that can perform remote commands, file transfers, and also provide a secure transport channel for remote programs. A code issue vulnerability exists in libssh that stems from a possible null pointer...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the calculation of the session ID during the key exchange process. An attacker can cause a crash of SSH clients or servers by triggering an allocation failure in cryptographic functions. Remediation Upgrade...