Medium severity6.5NVD Advisory· Published Jul 4, 2025· Updated May 19, 2026
CVE-2025-5351
CVE-2025-5351
Description
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10+ 4 more
- cpe:/o:redhat:enterprise_linux:10
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
- osv-coords6 versionspkg:rpm/almalinux/libsshpkg:rpm/almalinux/libssh-configpkg:rpm/almalinux/libssh-develpkg:rpm/opensuse/libssh&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libssh&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/libssh&distro=SUSE%20Linux%20Micro%206.1
< 0.10.4-18.el9+ 5 more
- (no CPE)range: < 0.10.4-18.el9
- (no CPE)range: < 0.10.4-18.el9
- (no CPE)range: < 0.10.4-18.el9
- (no CPE)range: < 0.11.2-1.1
- (no CPE)range: < 0.10.6-2.1
- (no CPE)range: < 0.10.6-slfo.1.1_2.1
Patches
Vulnerability mechanics
References
3- access.redhat.com/security/cve/CVE-2025-5351nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- access.redhat.com/errata/RHSA-2026:18683nvd
News mentions
0No linked articles in our index yet.