{
  "document": {
    "aggregate_severity": {
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      },
      {
        "category": "details",
        "text": "Commit: 4e65d6ac69edeaf68610af1242728e9dca5a26c2",
        "title": "Details"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/alpinelinux3.18els/advisories/2025/clsa-2025_1765825935.json"
      },
      {
        "category": "self",
        "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935",
        "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935"
      }
    ],
    "tracking": {
      "current_release_date": "2025-12-15T19:12:50Z",
      "generator": {
        "date": "2025-12-15T19:12:50Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CLSA-2025:1765825935",
      "initial_release_date": "2025-12-15T19:12:50Z",
      "revision_history": [
        {
          "date": "2025-12-15T19:12:50Z",
          "number": "1",
          "summary": "Initial version"
        }
      ],
      "status": "final",
      "version": "1"
    },
    "title": "Update of libssh"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Alpine Linux 3.18",
                "product": {
                  "name": "Alpine Linux 3.18",
                  "product_id": "Alpine-Linux-3.18",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:alpinelinux:alpine_linux:3.18:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Alpine Linux"
          }
        ],
        "category": "vendor",
        "name": "Alpine Linux"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64",
                "product": {
                  "name": "libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64",
                  "product_id": "libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:apk/tuxcare/libssh-dev@0.10.5.tuxcare.els2-rr0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libssh-0.10.5.tuxcare.els2-rr0.x86_64",
                "product": {
                  "name": "libssh-0.10.5.tuxcare.els2-rr0.x86_64",
                  "product_id": "libssh-0.10.5.tuxcare.els2-rr0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:apk/tuxcare/libssh@0.10.5.tuxcare.els2-rr0?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64 as a component of Alpine Linux 3.18",
          "product_id": "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
        },
        "product_reference": "libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64",
        "relates_to_product_reference": "Alpine-Linux-3.18"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libssh-0.10.5.tuxcare.els2-rr0.x86_64 as a component of Alpine Linux 3.18",
          "product_id": "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64"
        },
        "product_reference": "libssh-0.10.5.tuxcare.els2-rr0.x86_64",
        "relates_to_product_reference": "Alpine-Linux-3.18"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-5372",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values—where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
          "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2025-5372"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2025:21977",
          "url": "https://access.redhat.com/errata/RHSA-2025:21977"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2025:23024",
          "url": "https://access.redhat.com/errata/RHSA-2025:23024"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2025-5372",
          "url": "https://access.redhat.com/security/cve/CVE-2025-5372"
        },
        {
          "category": "external",
          "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2369388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369388"
        }
      ],
      "release_date": "2025-07-04T06:15:00Z",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-15T19:12:17.030168Z",
          "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935",
          "product_ids": [
            "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
            "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
          ],
          "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
            "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    },
    {
      "cve": "CVE-2025-5987",
      "cwe": {
        "id": "CWE-393",
        "name": "Return of Wrong Status Code"
      },
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the error code returned by OpenSSL coincides with the SSH_OK code, so libssh does not properly detect the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
          "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2025-5987"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2025-5987",
          "url": "https://access.redhat.com/security/cve/CVE-2025-5987"
        },
        {
          "category": "external",
          "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2376219",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376219"
        }
      ],
      "release_date": "2025-07-07T15:15:00Z",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-15T19:12:17.030168Z",
          "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935",
          "product_ids": [
            "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
            "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
          ],
          "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1765825935"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Alpine-Linux-3.18:libssh-0.10.5.tuxcare.els2-rr0.x86_64",
            "Alpine-Linux-3.18:libssh-dev-0.10.5.tuxcare.els2-rr0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    }
  ]
}