Heap Space Exhaustion Vulnerability in libssh with OpenSSL Cipher
CVE-2025-5987

8.1HIGH

Key Information:

Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat Enterprise Linux 9
Vendor
CVE Published:
7 July 2025

What is CVE-2025-5987?

A vulnerability in libssh arises when using the ChaCha20 cipher in conjunction with the OpenSSL library, which can lead to heap space exhaustion. If an attacker exploits this flaw, they may trigger a situation where a partially initialized cipher context is utilized without detection. This occurs due to the erroneous return of an OpenSSL error code that does not correctly indicate failure, thus allowing libssh to mistakenly interpret the situation as successful. As a consequence, potential risks include data confidentiality breaches, data integrity loss, and application crashes.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2025:23483
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:23484
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0427
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.