UBUNTU-CVE-2025-5318

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-5318
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-5318.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-5318
Upstream
Downstream
Related
Published
2025-06-24T14:15:00Z
Modified
2025-07-16T05:22:09Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

References

Affected packages

Ubuntu:Pro:16.04:LTS / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.6.3-4.3ubuntu0.6+esm1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6.3-3ubuntu3
0.6.3-4.1
0.6.3-4.2
0.6.3-4.2ubuntu1
0.6.3-4.3
0.6.3-4.3ubuntu0.1
0.6.3-4.3ubuntu0.2
0.6.3-4.3ubuntu0.5
0.6.3-4.3ubuntu0.6
0.6.3-4.3ubuntu0.6+esm1

Ubuntu:Pro:18.04:LTS / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.8.0~20170825.94fa1e38-1ubuntu0.7+esm3?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.7.5-1
0.8.0~20170825.94fa1e38-1
0.8.0~20170825.94fa1e38-1build1
0.8.0~20170825.94fa1e38-1ubuntu0.1
0.8.0~20170825.94fa1e38-1ubuntu0.2
0.8.0~20170825.94fa1e38-1ubuntu0.5
0.8.0~20170825.94fa1e38-1ubuntu0.6
0.8.0~20170825.94fa1e38-1ubuntu0.7
0.8.0~20170825.94fa1e38-1ubuntu0.7+esm3

Ubuntu:Pro:20.04:LTS / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.9.3-2ubuntu2.5?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.0-1ubuntu1
0.9.0-1ubuntu4
0.9.0-1ubuntu5
0.9.3-2ubuntu1
0.9.3-2ubuntu2
0.9.3-2ubuntu2.1
0.9.3-2ubuntu2.2
0.9.3-2ubuntu2.3
0.9.3-2ubuntu2.4
0.9.3-2ubuntu2.5

Ubuntu:22.04:LTS / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.9.6-2ubuntu0.22.04.4?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.9.6-2ubuntu0.22.04.4

Affected versions

0.*

0.9.6-1
0.9.6-1build1
0.9.6-2
0.9.6-2build1
0.9.6-2ubuntu0.22.04.1
0.9.6-2ubuntu0.22.04.2
0.9.6-2ubuntu0.22.04.3

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libssh-4",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-4-dbgsym",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-dev",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-doc",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-gcrypt-4",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-gcrypt-4-dbgsym",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        },
        {
            "binary_name": "libssh-gcrypt-dev",
            "binary_version": "0.9.6-2ubuntu0.22.04.4"
        }
    ]
}

Ubuntu:24.04:LTS / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.10.6-2ubuntu0.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.10.6-2ubuntu0.1

Affected versions

0.*

0.10.5-3ubuntu1
0.10.5-3ubuntu2
0.10.6-2
0.10.6-2build1
0.10.6-2build2

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libssh-4",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-4-dbgsym",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-dev",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-doc",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-gcrypt-4",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-gcrypt-4-dbgsym",
            "binary_version": "0.10.6-2ubuntu0.1"
        },
        {
            "binary_name": "libssh-gcrypt-dev",
            "binary_version": "0.10.6-2ubuntu0.1"
        }
    ]
}

Ubuntu:25.04 / libssh

Package

Name
libssh
Purl
pkg:deb/ubuntu/libssh@0.11.1-1ubuntu0.1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.11.1-1ubuntu0.1

Affected versions

0.*

0.10.6-3ubuntu1
0.11.1-1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libssh-4",
            "binary_version": "0.11.1-1ubuntu0.1"
        },
        {
            "binary_name": "libssh-4-dbgsym",
            "binary_version": "0.11.1-1ubuntu0.1"
        },
        {
            "binary_name": "libssh-dev",
            "binary_version": "0.11.1-1ubuntu0.1"
        },
        {
            "binary_name": "libssh-doc",
            "binary_version": "0.11.1-1ubuntu0.1"
        }
    ]
}