Out-of-Bounds Read Vulnerability in libssh Affecting Sensitive Data
CVE-2025-5318

5.4MEDIUM

Key Information:

Vendor

Red Hat
Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Openshift Container Platform 4
Vendor
CVE Published:
24 June 2025

What is CVE-2025-5318?

A flaw in the libssh library triggers an out-of-bounds read in the sftp_handle function due to an improper comparison check. This allows for accessing memory outside the valid handle list, potentially leading to the exposure of sensitive data or disruption of service behavior. An authenticated remote attacker could exploit this vulnerability to read unintended memory regions, which raises significant security concerns for applications utilizing the library.

References

https://access.redhat.com/security/cve/CVE-2025-5318
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369131
issue-trackingx_refsource_REDHAT
https://www.libssh.org/security/advisories/CVE-2025-5318.txt

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Ronald Crane for reporting this issue.
.
CVE-2025-5318 : Out-of-Bounds Read Vulnerability in libssh Affecting Sensitive Data