libssh-0.10.4-15.el9_6

エラータID: AXSA:2025-10974:01

リリース日: 
2025/10/19 Sunday - 10:03
題名: 
libssh-0.10.4-15.el9_6
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

解決策: 

Update packages.

CVE: 
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. libssh-0.10.4-15.el9_6.src.rpm
    MD5: 039c30774bf5f41798f8d807fd4c4bad
    SHA-256: 546c6246651fcfd1843436c52555501e7fb072e57d53cc725353b895a27a0ff9
    Size: 653.67 kB

Asianux Server 9 for x86_64
  1. libssh-0.10.4-15.el9_6.i686.rpm
    MD5: 1f0934e6b87432e604a699480eb45a9b
    SHA-256: f34251b69cd224aff8311f139b6ed963c7195f30cc39abd281c80b615ccefad3
    Size: 228.84 kB
  2. libssh-0.10.4-15.el9_6.x86_64.rpm
    MD5: bcf5e8c36e647d0ab360a71e1bd30ae3
    SHA-256: 90b2cdbc2dc068a1daf3bafdecabccc9401dbdaeef3f3e04ad151c08839d2c34
    Size: 213.63 kB
  3. libssh-config-0.10.4-15.el9_6.noarch.rpm
    MD5: 5be1b283c05d3a051d7877697be0e315
    SHA-256: c296c20ca005b9853c540b277aaeb5e49a050bbfacd6ec55b59b10b62368817d
    Size: 7.85 kB
  4. libssh-devel-0.10.4-15.el9_6.i686.rpm
    MD5: 2d7e5d7f3816192bec330fbc57c3e36b
    SHA-256: 8f2a24af32645b5ad3c2bedb0fd340db41ba49b3d867c8cd66ed1900edfa683d
    Size: 37.41 kB
  5. libssh-devel-0.10.4-15.el9_6.x86_64.rpm
    MD5: 4c9e395389d26b95f0c9e75cff13f6d1
    SHA-256: 3c291cd5232b5381d4eca6ac9184b534df741e51bd48b5a4f5781df4a7f1b741
    Size: 37.39 kB