CVE-2025-54804

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-54804
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54804.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-54804
Aliases
Published
2025-08-05T00:05:20.971Z
Modified
2026-04-10T05:29:40.945221Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Russh is missing an overflow check during channel windows adjust
Details

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an internal state value. This can result in a integer overflow. If the Rust code is compiled with overflow checks, it will panic. A malicious client can crash a server. This is fixed in version 0.54.1.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/54xxx/CVE-2025-54804.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-190"
    ]
}
References

Affected packages

Git
github.com/eugeny/russh

Affected ranges

Type
GIT
Repo
https://github.com/eugeny/russh
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4a5f69b914081f79d6448f48644a2f5fae91cc9f

Affected versions

0.*
0.37.0-beta.1
v0.*
v0.34.0
v0.35.0-beta.1
v0.35.0-beta.2
v0.35.0-beta.3
v0.35.0-beta.5
v0.35.0-beta.6
v0.35.0-beta.7
v0.35.0-beta.8
v0.35.0-beta.9
v0.36.1
v0.37.0
v0.37.0-beta.1
v0.37.1
v0.38.0
v0.38.0-beta.1
v0.39.0-beta.1
v0.40.0
v0.40.1
v0.40.2
v0.42.0
v0.43.0
v0.43.0-beta.1
v0.44.0
v0.44.0-beta.1
v0.44.0-beta.3
v0.44.0-beta.4
v0.45.0
v0.46.0
v0.47.0-beta.3
v0.47.0-beta.4
v0.48.0
v0.48.1
v0.48.2
v0.49.0
v0.50.0
v0.50.0-beta.10
v0.50.0-beta.11
v0.50.0-beta.12
v0.50.0-beta.2
v0.50.0-beta.3
v0.50.0-beta.4
v0.50.0-beta.5
v0.50.0-beta.6
v0.50.0-beta.7
v0.50.0-beta.8
v0.50.0-beta.9
v0.50.1
v0.50.3
v0.50.4
v0.51.0
v0.51.0-beta.1
v0.51.0-beta.2
v0.51.0-beta.3
v0.51.1
v0.52.0
v0.52.0-beta.1
v0.52.1
v0.53.0
v0.53.0-beta.1
v0.54.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54804.json"
github.com/warp-tech/russh

Affected ranges

Type
GIT
Repo
https://github.com/warp-tech/russh
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4a5f69b914081f79d6448f48644a2f5fae91cc9f
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.54.1"
        }
    ]
}

Affected versions

0.*
0.37.0-beta.1
v0.*
v0.34.0
v0.35.0-beta.1
v0.35.0-beta.2
v0.35.0-beta.3
v0.35.0-beta.5
v0.35.0-beta.6
v0.35.0-beta.7
v0.35.0-beta.8
v0.35.0-beta.9
v0.36.1
v0.37.0
v0.37.0-beta.1
v0.37.1
v0.38.0
v0.38.0-beta.1
v0.39.0-beta.1
v0.40.0
v0.40.1
v0.40.2
v0.42.0
v0.43.0
v0.43.0-beta.1
v0.44.0
v0.44.0-beta.1
v0.44.0-beta.3
v0.44.0-beta.4
v0.45.0
v0.46.0
v0.47.0-beta.3
v0.47.0-beta.4
v0.48.0
v0.48.1
v0.48.2
v0.49.0
v0.50.0
v0.50.0-beta.10
v0.50.0-beta.11
v0.50.0-beta.12
v0.50.0-beta.2
v0.50.0-beta.3
v0.50.0-beta.4
v0.50.0-beta.5
v0.50.0-beta.6
v0.50.0-beta.7
v0.50.0-beta.8
v0.50.0-beta.9
v0.50.1
v0.50.3
v0.50.4
v0.51.0
v0.51.0-beta.1
v0.51.0-beta.2
v0.51.0-beta.3
v0.51.1
v0.52.0
v0.52.0-beta.1
v0.52.1
v0.53.0
v0.53.0-beta.1
v0.54.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54804.json"
github.com/warp-tech/warpgate

Affected ranges

Type
GIT
Repo
https://github.com/warp-tech/warpgate
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
32e7e3a14d59bf61469f1115027a44ada9981d8d
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.16.0"
        }
    ]
}

Affected versions

v0.*
v0.1.0
v0.1.1
v0.10.0
v0.10.1
v0.10.2
v0.11.0
v0.12.0
v0.12.0-beta.1
v0.12.0-beta.2
v0.13.0
v0.13.0-beta.1
v0.13.0-beta.2
v0.13.1
v0.13.2
v0.14.0
v0.14.0-beta.1
v0.14.0-beta.2
v0.14.0-beta.3
v0.14.1
v0.15.0
v0.15.0-beta.1
v0.15.0-beta.2
v0.2.0
v0.2.1
v0.2.2
v0.3.0
v0.4.0
v0.5.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.8.0
v0.8.1
v0.9.0
v0.9.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54804.json"