MidnightBSD

Advisories for libssh

CVE-2012-6063 HIGH

Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
libssh libssh 0.5.0
libssh libssh 0.4.7
libssh libssh *
libssh libssh 0.5.1
libssh libssh 0.4.8
CVE-2013-0176 MEDIUM

The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
libssh libssh 0.5.0
libssh libssh 0.4.7
libssh libssh 0.5.2
libssh libssh *
libssh libssh 0.5.1
libssh libssh 0.4.8
CVE-2014-0017 LOW

The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision.

CVSS 2.0

Severity: LOW

Problem Type: CWE-310,

Products Affected

Vendor Product Version
libssh libssh 0.5.0
libssh libssh 0.4.7
libssh libssh 0.5.2
libssh libssh 0.6.0
libssh libssh 0.5.3
libssh libssh 0.6.1
libssh libssh *
libssh libssh 0.5.1
libssh libssh 0.5.4
libssh libssh 0.5.5
libssh libssh 0.4.8
CVE-2014-8132 MEDIUM

Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
fedoraproject fedora 21
opensuse opensuse 12.3
libssh libssh 0.6.0
canonical ubuntu_linux 12.04
fedoraproject fedora 19
canonical ubuntu_linux 14.10
libssh libssh 0.5.3
debian debian_linux 8.0
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
libssh libssh 0.5.0
fedoraproject fedora 20
libssh libssh 0.5.2
debian debian_linux 7.0
opensuse opensuse 13.2
libssh libssh 0.6.2
libssh libssh 0.6.1
libssh libssh 0.6.3
libssh libssh 0.5.4
libssh libssh 0.5.5
CVE-2015-3146 MEDIUM

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
fedoraproject fedora 21
fedoraproject fedora 22
debian debian_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 8.0
libssh libssh *
canonical ubuntu_linux 14.04
CVE-2016-0739 MEDIUM

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
redhat enterprise_linux 7.0
fedoraproject fedora 22
debian debian_linux 7.0
fedoraproject fedora 23
canonical ubuntu_linux 12.04
debian debian_linux 8.0
libssh libssh *
canonical ubuntu_linux 14.04
CVE-2018-10933 MEDIUM

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-592,CWE-287,

Products Affected

Vendor Product Version
redhat enterprise_linux 7.0
debian debian_linux 8.0
netapp snapcenter -
netapp oncommand_unified_manager *
libssh libssh *
canonical ubuntu_linux 18.04
canonical ubuntu_linux 14.04
oracle mysql_workbench *
canonical ubuntu_linux 18.10
netapp oncommand_workflow_automation -
debian debian_linux 9.0
netapp storage_automation_store -
canonical ubuntu_linux 16.04
CVE-2019-14889 HIGH

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
opensuse leap 15.1
fedoraproject fedora 30
canonical ubuntu_linux 19.04
oracle mysql_workbench *
canonical ubuntu_linux 19.10
fedoraproject fedora 31
debian debian_linux 8.0
libssh libssh *
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
CVE-2020-16135 MEDIUM

libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
oracle communications_cloud_native_core_policy 1.15.0
fedoraproject fedora 33
libssh libssh 0.9.4
debian debian_linux 9.0
fedoraproject fedora 32
canonical ubuntu_linux 20.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
CVE-2020-1730 MEDIUM

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
secalert@redhat.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
oracle mysql_workbench *
canonical ubuntu_linux 19.10
fedoraproject fedora 31
netapp cloud_backup -
fedoraproject fedora 32
libssh libssh *
canonical ubuntu_linux 18.04
redhat enterprise_linux 8.0
CVE-2021-3634 MEDIUM

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 35
oracle mysql_workbench *
debian debian_linux 10.0
netapp cloud_backup -
debian debian_linux 11.0
libssh libssh *
fedoraproject fedora 34
redhat virtualization 4.0
redhat enterprise_linux 8.0
CVE-2023-1667

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
debian debian_linux 10.0
fedoraproject fedora 37
libssh libssh *
redhat enterprise_linux 8.0
CVE-2023-2283

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
fedoraproject fedora 37
libssh libssh *
redhat enterprise_linux 8.0
CVE-2023-3603

A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user's sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users. Given this code is not in any released versions, no security releases have been issued.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L 1.6 1.4

Products Affected

Vendor Product Version
libssh libssh *
CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

Products Affected

Vendor Product Version
openbsd openssh *
golang crypto *
roumenpetrov pkixssh *
redhat single_sign-on 7.0
russh_project russh *
ssh ssh *
lancom-systems lanconfig -
redhat ceph_storage 6.0
sftpgo_project sftpgo *
redhat jboss_enterprise_application_platform 7.0
putty putty *
oryx-embedded cyclone_ssh *
redhat enterprise_linux 9.0
proftpd proftpd *
thorntech sftp_gateway_firmware *
connectbot sshlib *
tera_term_project tera_term *
redhat openshift_pipelines -
netgate pfsense_plus *
lancom-systems lcos_fx -
apache sshj *
lancom-systems lcos_lx -
crushftp crushftp *
libssh libssh *
redhat cert-manager_operator_for_red_hat_openshift -
redhat openshift_container_platform 4.0
panic transmit_5 *
redhat openshift_developer_tools_and_services -
lancom-systems lcos_sx 5.20
redhat keycloak -
fedoraproject fedora 38
jadaptive maverick_synergy_java_ssh_api *
net-ssh net-ssh 7.2.0
crates thrussh *
lancom-systems lcos *
redhat openshift_virtualization 4
lancom-systems lcos_sx 4.20
trilead ssh2 6401
winscp winscp *
redhat openshift_serverless -
microsoft powershell *
erlang erlang/otp *
tinyssh tinyssh *
redhat discovery -
panic nova *
vandyke securecrt *
redhat openstack_platform 17.1
asyncssh_project asyncssh *
libssh2 libssh2 *
redhat openshift_api_for_data_protection -
apple macos *
paramiko paramiko *
redhat advanced_cluster_security 3.0
redhat advanced_cluster_security 4.0
dropbear_ssh_project dropbear_ssh *
bitvise ssh_client *
redhat openshift_gitops -
gentoo security -
ssh2_project ssh2 *
debian debian_linux 10.0
matez jsch *
freebsd freebsd *
apache sshd *
redhat openstack_platform 16.1
redhat storage 3.0
filezilla-project filezilla_client *
kitty_project kitty *
redhat openshift_data_foundation 4.0
netsarang xshell_7 *
fedoraproject fedora 39
netgate pfsense_ce *
redhat openstack_platform 16.2
redhat openshift_dev_spaces -
redhat enterprise_linux 8.0
bitvise ssh_server *
CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 1.3 3.4
secalert@redhat.com 4.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 1.3 3.4

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
fedoraproject fedora 38
libssh libssh *
redhat enterprise_linux 8.0
CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
secalert@redhat.com 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 2.2 1.4

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
fedoraproject fedora 38
fedoraproject fedora 39
libssh libssh *
redhat enterprise_linux 8.0
CVE-2025-14821

A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an insecure default configuration on Windows systems where the library automatically loads configuration files from the C:\etc directory, which can be created and modified by unprivileged local users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
redhat hardened_images -
libssh libssh *
CVE-2025-5318

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
libssh libssh *
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.2 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 1.6 2.5

Products Affected

Vendor Product Version
redhat enterprise_linux 7.0
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
redhat enterprise_linux 6.0
libssh libssh *
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 5.0 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 1.6 3.4

Products Affected

Vendor Product Version
redhat enterprise_linux 7.0
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
redhat enterprise_linux 6.0
libssh libssh *
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 2.8 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
libssh libssh 0.11.0
libssh libssh 0.11.1
CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 5.0 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 1.6 3.4

Products Affected

Vendor Product Version
libssh libssh -
libssh libssh *
CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6
secalert@redhat.com 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
libssh libssh *
CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat hardened_images -
redhat enterprise_linux 10.0
libssh libssh *
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
CVE-2026-0965

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
libssh libssh *
CVE-2026-0966

The API function `ssh_get_hexa()` is vulnerable, when 0-lenght input is provided to this function. This function is used internally in `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used internally in the gssapi code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely, when the server allows GSSAPI authentication and logging verbosity is set at least to SSH_LOG_PACKET (3). This could cause self-DoS of the per-connection daemon process.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat hardened_images -
redhat enterprise_linux 10.0
libssh libssh *
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
CVE-2026-0967

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
libssh libssh *
CVE-2026-0968

A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
libssh libssh *
CVE-2026-3731 MEDIUM

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may be performed from remote. Upgrading to version 0.11.4 and 0.12.0 is sufficient to resolve this issue. This patch is called 855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60. You should upgrade the affected component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-125,

Products Affected

Vendor Product Version
libssh libssh *