CVE-2025-5318

high

Description

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

References

Advisories
More

https://bugzilla.redhat.com/show_bug.cgi?id=2369131

https://access.redhat.com/security/cve/CVE-2025-5318

https://access.redhat.com/errata/RHSA-2025:21013

https://access.redhat.com/errata/RHSA-2025:20943

https://access.redhat.com/errata/RHSA-2025:19807

https://access.redhat.com/errata/RHSA-2025:19472

https://access.redhat.com/errata/RHSA-2025:19470

https://access.redhat.com/errata/RHSA-2025:19401

https://access.redhat.com/errata/RHSA-2025:19400

https://access.redhat.com/errata/RHSA-2025:19313

https://access.redhat.com/errata/RHSA-2025:19300

https://access.redhat.com/errata/RHSA-2025:19295

https://access.redhat.com/errata/RHSA-2025:19101

https://access.redhat.com/errata/RHSA-2025:19098

https://access.redhat.com/errata/RHSA-2025:19012

https://access.redhat.com/errata/RHSA-2025:18286

https://access.redhat.com/errata/RHSA-2025:18275

https://access.redhat.com/errata/RHSA-2025:18231

https://www.libssh.org/security/advisories/CVE-2025-5318.txt

Details

Source: Mitre, NVD

Published: 2025-06-24

Updated: 2025-11-11

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:C

Severity: High

CVSS v3

Base Score: 8.1

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00037