CVE-2025-8114 Information
Jul 25, 2025
cve
Description
A flaw was found in libssh a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Reference
https://access.redhat.com/security/cve/CVE-2025-8114 https://bugzilla.redhat.com/show_bug.cgi?id=2383220
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
4.7
Related CNNVD
CNNVD-202507-3100 (Published: 2025-07-24)
Share on: