2383220 – (CVE-2025-8114) CVE-2025-8114 CVE-2025-8114: NULL Pointer Dereference in libssh KEX Session ID Calculation

This bug is in the 'Embargoed' Data Category and access to this data must be restricted as per the Data Reuse Policy.

Bug 2383220 (CVE-2025-8114) - CVE-2025-8114 CVE-2025-8114: NULL Pointer Dereference in libssh KEX Session ID Calculation

Summary: CVE-2025-8114 CVE-2025-8114: NULL Pointer Dereference in libssh KEX Session I...

Keywords:
Status:	NEW
Alias:	CVE-2025-8114
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2383236 2383237 2394054
Blocks:
TreeView+	depends on / blocked

Reported:	2025-07-24 12:41 UTC by OSIDB Bzimport
Modified:	2025-09-09 12:02 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:	Yes

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-07-24 12:41:16 UTC

NULL Pointer Dereference vulnerability in the session ID calculation logic of the libssh library. The flaw arises from improper handling of allocation errors during cryptographic operations in the key exchange (KEX) phase. If a memory allocation fails, the resulting NULL pointer may be dereferenced, leading to a crash in both SSH clients and servers. This vulnerability can be exploited by a local attacker with limited privileges and no user interaction, potentially disrupting services that rely on libssh for secure communication.The issue affects libssh versions up to and including 0.11.2.

Comment 1 Avinash Hanwate 2025-07-25 10:32:03 UTC

Note You need to log in before you can comment on or make changes to this bug.