libssh-0.10.4-15.el9_7

エラータID: AXSA:2025-11432:04

Release date: 
Wednesday, December 3, 2025 - 23:58
Subject: 
libssh-0.10.4-15.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

Solution: 

Update packages.

CVEs: 
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
Additional Info: 

N/A

Download: 

SRPMS
  1. libssh-0.10.4-15.el9_7.src.rpm
    MD5: 58db9fa846087251a55d28c2d52098f2
    SHA-256: 573c04e3f8d21742b24fa6e89402648d6c6aef11ed13db88572d0b5e37f89499
    Size: 653.71 kB

Asianux Server 9 for x86_64
  1. libssh-0.10.4-15.el9_7.i686.rpm
    MD5: 6d26058314a975729258dbafa486acef
    SHA-256: 0961032870d7a464e0209a7aa582ae7059a3785846326044764c973ec2c3d804
    Size: 228.47 kB
  2. libssh-0.10.4-15.el9_7.x86_64.rpm
    MD5: 35f91b7d630dee5570b3464fbb3658b8
    SHA-256: 292ad2dda3903ce5488fc34eef793d3adbaf0e0bafb13b73af2d94d9a7f7f13e
    Size: 213.55 kB
  3. libssh-config-0.10.4-15.el9_7.noarch.rpm
    MD5: d38b1f963ad9e89c2885b360d2279f56
    SHA-256: c550617b41a1c79971ab3b99935d5cc8fe9b433b1361e623d623f6500517d2f8
    Size: 7.86 kB
  4. libssh-devel-0.10.4-15.el9_7.i686.rpm
    MD5: c4ace20c368ad0e43fffe8115c985f47
    SHA-256: c712419e2b670b57c2090cf756e1ce775514c35f929814d58ee832223e2d8bb2
    Size: 37.41 kB
  5. libssh-devel-0.10.4-15.el9_7.x86_64.rpm
    MD5: 726cb3a4c6b80a5c567db9ce6d5014b5
    SHA-256: 8f0f45ee40a04587036aed377c6771e4a4131b124dbe6c7a543db6c851ecb0ca
    Size: 37.40 kB