1. Home
  2. CVE Database
  3. CVE-2025-8277
LOW · 3.1

CVE-2025-8277

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gr...

Vulnerability Description

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Related Weaknesses (CWE)

CWE-401

References

FAQ

What is CVE-2025-8277?

CVE-2025-8277 is a vulnerability with a CVSS score of 3.1 (LOW). A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gr...

How severe is CVE-2025-8277?

CVE-2025-8277 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-8277?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.