CVE-2025-5987

8.1 HIGH

Published: July 07, 2025 Modified: March 20, 2026

Description

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:23483

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:23484

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0427

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0428

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0430

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0431

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0702

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0978

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0980

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0985

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:0996

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:1539

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:1541

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2026:3415

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2025-5987

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2376219

Source: secalert@redhat.com

Issue Tracking Third Party Advisory

https://www.libssh.org/security/advisories/CVE-2025-5987.txt

Source: secalert@redhat.com

17 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.1 / 10.0

EPSS (Exploit Probability)

0.1%

20th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-393

Affected Vendors

libssh

Related CVEs

CVE-2026-4779 6.3

CVE-2026-4778 6.3

CVE-2026-4777 6.3

CVE-2026-4433 N/A

CVE-2026-4371 N/A