CVE-2025-4877

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh.
Configurations

No configuration.

History

19 May 2026, 14:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:18683 -

15 Apr 2026, 00:35

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad en el paquete libssh: cuando un consumidor de libssh pasa un búfer de entrada inesperadamente grande a la función ssh_get_fingerprint_hash(), la función bin_to_base64() puede experimentar un desbordamiento de enteros que provoca una asignación insuficiente de memoria. En este caso, es posible que el programa realice una escritura fuera de los límites, lo que provoca una corrupción del montón. Este problema solo afecta a las compilaciones de 32 bits de libssh.

20 Aug 2025, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-08-20 13:15

Updated : 2026-06-30 11:16


NVD link : CVE-2025-4877

Mitre link : CVE-2025-4877

CVE.ORG link : CVE-2025-4877


JSON object : View

Products Affected

No product.

CWE
CWE-787

Out-of-bounds Write