libssh-0.9.6-16.el8_10

エラータID: AXSA:2025-11173:03

Release date: 
Friday, November 28, 2025 - 19:30
Subject: 
libssh-0.9.6-16.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

* libssh: Incorrect Return Code Handling in ssh_kdf() in libssh (CVE-2025-5372)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-5372
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

Solution: 

Update packages.

CVEs: 
CVE-2025-5372
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
Additional Info: 

N/A

Download: 

SRPMS
  1. libssh-0.9.6-16.el8_10.src.rpm
    MD5: be16dfb7404de4c2f21ca61665a4f71b
    SHA-256: 5bf36d820949982e04bba8451b3d776d94d22a3b13853a8ba240476d1e9325b3
    Size: 1.10 MB

Asianux Server 8 for x86_64
  1. libssh-0.9.6-16.el8_10.i686.rpm
    MD5: e9ef22cddd379da7ac0a21a12ddeef5a
    SHA-256: a9494ca9f6816a4578413dec538d17b4b8496b169c03e942d15fb39b6e3e39ea
    Size: 239.06 kB
  2. libssh-0.9.6-16.el8_10.x86_64.rpm
    MD5: e8ed992ef30b19f38306d6a194bb0980
    SHA-256: 5a1c702a5eb9805920f0f9bb72adb051a96a193e977264eb57799991862b135f
    Size: 219.13 kB
  3. libssh-config-0.9.6-16.el8_10.noarch.rpm
    MD5: c65040dd7e174774cb4bab5d8f09b621
    SHA-256: 68977e76ff03a174e0358ff7e61bac7f462d691a39b9673fac5ad0570390de12
    Size: 20.18 kB
  4. libssh-devel-0.9.6-16.el8_10.i686.rpm
    MD5: cb465168aaae2dae7fe3c90713dec24f
    SHA-256: d3c39d0c929a48dd7bef2fc053cf45350303e2214b8d1e1e0f14299de2694258
    Size: 442.50 kB
  5. libssh-devel-0.9.6-16.el8_10.x86_64.rpm
    MD5: a6a337640cad5f9ad61e7839545e13d7
    SHA-256: 17351f1dd21b31c63f92105d93a0e9b629b372970a25ad051b83ccb9fc7b4728
    Size: 442.49 kB