CVE-2025-5449

{"id": "CVE-2025-5449", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-07-25T18:15:26.967", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-5449", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369705", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=261612179f740bc62ba363d98b3bd5e5573a811f", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=3443aec90188d6aab9282afc80a81df5ab72c4da", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=5504ff40515439a5fecbb17da7483000c4d12eb7", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=78485f446af9b30e37eb8f177b81940710d54496", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://www.libssh.org/security/advisories/CVE-2025-5449.txt", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service."}, {"lang": "es", "value": "Se detect\u00f3 una falla en la l\u00f3gica de decodificaci\u00f3n de mensajes del servidor SFTP de libssh. El problema se debe a una comprobaci\u00f3n incorrecta de la longitud del paquete, lo que permite un desbordamiento de enteros al gestionar payloads de gran tama\u00f1o en sistemas de 32 bits. Este problema provoca errores en la asignaci\u00f3n de memoria y el bloqueo del proceso del servidor, lo que resulta en una denegaci\u00f3n de servicio."}], "lastModified": "2025-08-14T00:39:43.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libssh:libssh:0.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57396877-0D7A-4506-8C21-38EC7DFB3F04"}, {"criteria": "cpe:2.3:a:libssh:libssh:0.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C4817DC-731C-4EA3-BF8A-FCCE4AB8AF87"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}