Vulnerability Description
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libssh | Libssh | >= 0.10.0, < 0.11.2 |
| Redhat | Openshift Container Platform | 4.0 |
| Redhat | Enterprise Linux | 6.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2026:18683
- https://access.redhat.com/security/cve/CVE-2025-5351Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2369367Issue TrackingThird Party Advisory
FAQ
What is CVE-2025-5351?
CVE-2025-5351 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a me...
How severe is CVE-2025-5351?
CVE-2025-5351 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5351?
Check the references section above for vendor advisories and patch information. Affected products include: Libssh Libssh, Redhat Openshift Container Platform, Redhat Enterprise Linux.