CVE-2025-5987
Public on 2025-06-27
Modified on 2025-06-27
Description
If there is an error in initializing ChaCha20 cipher with OpenSSL, an invalid
error code is returned. This can happen if there is an heap exhaustion. This
error is not correctly detected and could allow libssh to use partially
initialized cipher context.
This is caused by the mismatch of return value meaning from OpenSSL and libssh,
where OpenSSL error (rv=0) aliases with SSH_OK (0) and is returned directly
from the function chacha20_poly1305_set_key(). This will likely cause error
somewhere down the road.
error code is returned. This can happen if there is an heap exhaustion. This
error is not correctly detected and could allow libssh to use partially
initialized cipher context.
This is caused by the mismatch of return value meaning from OpenSSL and libssh,
where OpenSSL error (rv=0) aliases with SSH_OK (0) and is returned directly
from the function chacha20_poly1305_set_key(). This will likely cause error
somewhere down the road.
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2023 | libssh | Pending Fix |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.0 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |