3 matches found
libssh: Incorrect Return Code Handling in ssh_kdf() in libssh
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...
CLSA-2025-1759857168 libssh: Fix of CVE-2025-5372
CVE-2025-5372: uninitialized key buffers caused by inconsistent sshkdf return value...
CLSA-2025-1759330475 libssh: Fix of CVE-2025-5372
CVE-2025-5372: uninitialized key buffers caused by inconsistent sshkdf return value...