{"id":"USN-7619-1","summary":"libssh vulnerabilities","details":"Ronald Crane discovered that libssh incorrectly handled certain base64\nconversions. An attacker could use this issue to cause libssh to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2025-4877)\n\nRonald Crane discovered that libssh incorrectly handled the\nprivatekey_from_file() function. An attacker could use this issue to cause\nlibssh to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2025-4878)\n\nRonald Crane discovered that libssh incorrectly handled certain memory\noperations in the sftp server. An attacker could possibly use this issue\nto cause libssh to crash, resulting in a denial of service.\n(CVE-2025-5318, CVE-2025-5449)\n\nRonald Crane discovered that libssh incorrectly handled exporting keys. An\nattacker could possibly use this issue to cause libssh to crash, resulting\nin a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu\n24.10, and Ubuntu 25.04. (CVE-2025-5351)\n\nRonald Crane discovered that libssh incorrectly handled the ssh_kdf()\nfunction. An attacker could use this issue to cause libssh to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2025-5372)\n\nRonald Crane discovered that libssh incorrectly handled the ChaCha20\ncipher. An attacker could possibly use this issue to cause libssh to\nuse partially initialized cypher content. This issue only affected Ubuntu\n24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-5987)","modified":"2026-04-22T11:00:17.521514Z","published":"2025-07-07T12:29:26Z","related":["UBUNTU-CVE-2025-4877","UBUNTU-CVE-2025-4878","UBUNTU-CVE-2025-5318","UBUNTU-CVE-2025-5351","UBUNTU-CVE-2025-5372","UBUNTU-CVE-2025-5987"],"upstream":["CVE-2025-4877","CVE-2025-4878","CVE-2025-5318","CVE-2025-5351","CVE-2025-5372","CVE-2025-5449","CVE-2025-5987","UBUNTU-CVE-2025-4877","UBUNTU-CVE-2025-4878","UBUNTU-CVE-2025-5318","UBUNTU-CVE-2025-5351","UBUNTU-CVE-2025-5372","UBUNTU-CVE-2025-5449","UBUNTU-CVE-2025-5987"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7619-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-4877"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-4878"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-5318"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-5351"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-5372"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-5449"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-5987"}],"affected":[{"package":{"name":"libssh","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libssh@0.9.6-2ubuntu0.22.04.4?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.6-2ubuntu0.22.04.4"}]}],"versions":["0.9.6-1","0.9.6-1build1","0.9.6-2","0.9.6-2build1","0.9.6-2ubuntu0.22.04.1","0.9.6-2ubuntu0.22.04.2","0.9.6-2ubuntu0.22.04.3"],"ecosystem_specific":{"binaries":[{"binary_name":"libssh-4","binary_version":"0.9.6-2ubuntu0.22.04.4"},{"binary_name":"libssh-gcrypt-4","binary_version":"0.9.6-2ubuntu0.22.04.4"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7619-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2025-4877","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-4878","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5318","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5372","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}},{"package":{"name":"libssh","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/libssh@0.10.6-2ubuntu0.1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.10.6-2ubuntu0.1"}]}],"versions":["0.10.5-3ubuntu1","0.10.5-3ubuntu2","0.10.6-2","0.10.6-2build1","0.10.6-2build2"],"ecosystem_specific":{"binaries":[{"binary_name":"libssh-4","binary_version":"0.10.6-2ubuntu0.1"},{"binary_name":"libssh-gcrypt-4","binary_version":"0.10.6-2ubuntu0.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7619-1.json","cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"id":"CVE-2025-4877","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-4878","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5318","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5351","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5372","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-5987","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}}],"schema_version":"1.7.5"}