CNNVD-202507-3100 Information

CNNVD ID

CNNVD-202507-3100

Related CVE

CVE-2025-8114

• CNNVD Published: 2025-07-24

Description (Chinese)

libssh是libssh组织的一个用于访问SSH服务的C语言开发包，它能够执行远程命令、文件传输，同时为远程的程序提供安全的传输通道。 libssh存在代码问题漏洞，该漏洞源于密钥交换过程中计算会话ID时可能发生空指针取消引用，可能导致崩溃。

Description (English)

Libssh, a C-language development package for access to SSH services organized by Libssh, is capable of carrying out remote commands, file transfers and, at the same time, providing secure transmission channels for remote programs. Libssh has a code problem loophole, which stems from the possibility of an empty pointer cancellation when calculating a session ID during a key exchange, which could lead to a breakdown.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

libssh

Published

2025-07-24

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-8114 https://bugzilla.redhat.com/show_bug.cgi?id=2383220