Untriaged
Permalink
CVE-2025-4877
4.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
Libssh: write beyond bounds in binary to base64 conversion functions
There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh.
References
- https://access.redhat.com/security/cve/CVE-2025-4877 x_refsource_REDHAT vdb-entry
- RHBZ#2376193 issue-tracking x_refsource_REDHAT
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce39…
- https://www.libssh.org/security/advisories/CVE-2025-4877.txt
- https://www.libssh.org/security/advisories/CVE-2025-4877.txt
- https://access.redhat.com/security/cve/CVE-2025-4877 x_refsource_REDHAT vdb-entry
- RHBZ#2376193 issue-tracking x_refsource_REDHAT
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce39…
- RHBZ#2376193 issue-tracking x_refsource_REDHAT
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce39…
- https://www.libssh.org/security/advisories/CVE-2025-4877.txt
- https://access.redhat.com/security/cve/CVE-2025-4877 x_refsource_REDHAT vdb-entry
Affected products
rhcos
libssh
- <0.11.2
libssh2
Matching in nixpkgs
pkgs.libssh2
Client-side C library implementing the SSH2 protocol
-
nixos-unstable -
- nixpkgs-unstable 1.11.1
pkgs.haskellPackages.libssh
libssh bindings
-
nixos-unstable -
- nixpkgs-unstable 0.1.0.0
pkgs.python312Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python313Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2
Test whether libssh2-1.11.1 exposes pkg-config modules libssh2
-
nixos-unstable -
- nixpkgs-unstable libssh2
Package maintainers
-
@svanderburg Sander van der Burg <s.vanderburg@tudelft.nl>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@geluk Johan Geluk <johan+nix@geluk.io>