vulnerability
Red Hat: CVE-2025-5318: libssh: out-of-bounds read in sftp_handle() (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | Jun 24, 2025 | Jul 9, 2025 | Jan 28, 2026 |
Severity
6
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Jun 24, 2025
Added
Jul 9, 2025
Modified
Jan 28, 2026
Description
A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-libsshredhat-upgrade-libssh-configredhat-upgrade-libssh-debuginforedhat-upgrade-libssh-debugsourceredhat-upgrade-libssh-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.