CVE-2025-5372

5.0 MEDIUM

Published: July 04, 2025 Modified: December 10, 2025

Description

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:21977

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:23024

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2025-5372

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2369388

Source: secalert@redhat.com

Issue Tracking Third Party Advisory

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

5.0 / 10.0

EPSS (Exploit Probability)

0.1%

18th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-682

Affected Vendors

libssh redhat

Related CVEs

CVE-2026-0824 3.5

CVE-2026-0822 6.3

CVE-2025-13393 4.3

CVE-2025-12379 6.4

CVE-2026-0821 7.3