8.1
CVE-2025-5318
- EPSS 2.39%
- Veröffentlicht 24.06.2025 14:15:30
- Zuletzt bearbeitet 30.06.2026 11:16:24
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.39% | 0.818 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
| secalert@redhat.com | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://access.redhat.com/security/cve/CVE-2025-5318
https://bugzilla.redhat.com/show_bug.cgi?id=2369131
https://www.libssh.org/security/advisories/CVE-2025-5318.txt
https://access.redhat.com/errata/RHSA-2025:18231
https://access.redhat.com/errata/RHSA-2025:18275
https://access.redhat.com/errata/RHSA-2025:18286
https://access.redhat.com/errata/RHSA-2025:19012
https://access.redhat.com/errata/RHSA-2025:19098
https://access.redhat.com/errata/RHSA-2025:19101
https://access.redhat.com/errata/RHSA-2025:19400
https://access.redhat.com/errata/RHSA-2025:19401
https://access.redhat.com/errata/RHSA-2025:19470
https://access.redhat.com/errata/RHSA-2025:19472
https://access.redhat.com/errata/RHSA-2025:19295
https://access.redhat.com/errata/RHSA-2025:19313
https://access.redhat.com/errata/RHSA-2025:19300
https://access.redhat.com/errata/RHSA-2025:19807
https://access.redhat.com/errata/RHSA-2025:20943
https://access.redhat.com/errata/RHSA-2025:21013
https://access.redhat.com/errata/RHSA-2025:19864
https://access.redhat.com/errata/RHSA-2025:21329
https://access.redhat.com/errata/RHSA-2025:21829
https://access.redhat.com/errata/RHSA-2025:22275
https://access.redhat.com/errata/RHSA-2025:23078
https://access.redhat.com/errata/RHSA-2025:23079
https://access.redhat.com/errata/RHSA-2025:23080
https://access.redhat.com/errata/RHSA-2026:0326
https://access.redhat.com/errata/RHSA-2026:1541
https://access.redhat.com/errata/RHSA-2026:3461
https://access.redhat.com/errata/RHSA-2026:3462