CVE Catalog

CVE-2025-5372

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.41%

32th percentile - higher than 32% of all known CVEs

Summary

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values, the function may mistakenly return a success status even when key derivation fails.

Risk Assessment

This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

Recommendation

It is recommended to update libssh to a version built with OpenSSL 3.0 or newer to eliminate this issue.

Original NVD description (English source)

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS