๐Ÿ” CVE Alert

CVE-2025-5987

HIGH 8.1

Libssh: invalid return code for chacha20 poly1305 with openssl backend

CVSS Score
8.1
EPSS Score
0.1%
EPSS Percentile
15th

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.

CWE CWE-393
Published Jul 7, 2025
Last Updated Mar 20, 2026
Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new high vulnerabilities are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.13
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.14
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.15
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.16
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.17
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.18
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.19
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.20
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected
Red Hat / Red Hat Enterprise Linux 7
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:23483 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:23484 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0427 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0428 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0430 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0431 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0702 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0978 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0980 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0985 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:0996 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:1539 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:1541 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3415 access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-5987 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2376219 libssh.org: https://www.libssh.org/security/advisories/CVE-2025-5987.txt