CVE-2025-4878

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 LOW
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
redhatCNA
3.6 LOW
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
libssh
bullseye
vulnerable
bullseye (security)
0.9.8-0+deb11u2
fixed
bookworm
0.10.6-0+deb12u2
fixed
bookworm (security)
vulnerable
trixie
0.11.2-1+deb13u1
fixed
forky
0.11.3-1
fixed
sid
0.11.3-1
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2025-4878
https://bugzilla.redhat.com/show_bug.cgi?id=2376184
https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1
https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb