{"id":"CVE-2025-5351","summary":"Libssh: double free vulnerability in libssh key export functions","details":"A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.","modified":"2026-05-28T04:10:56.351036474Z","published":"2025-07-04T08:16:47.122Z","related":["ALSA-2026:18683","SUSE-SU-2025:20557-1","SUSE-SU-2025:20596-1","openSUSE-SU-2025:15243-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/5xxx/CVE-2025-5351.json","cna_assigner":"redhat","cwe_ids":["CWE-415"]},"references":[{"type":"WEB","url":"https://access.redhat.com/downloads/content/package-browser/"},{"type":"WEB","url":"https://git.libssh.org/projects/libssh.git/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:18683"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2025-5351"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/5xxx/CVE-2025-5351.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5351"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369367"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.libssh.org/projects/libssh.git","events":[{"introduced":"7f6b3fab4e8d4b97e73d5ca60ddc5a3d0f5880d2"},{"fixed":"dff6c0821ed54f6fbf5b755af43f54cbb723b1b1"}],"database_specific":{"extracted_events":[{"introduced":"0.10.0"},{"fixed":"0.11.2"}],"source":"AFFECTED_FIELD"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-5351.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.com/libssh/libssh-mirror","events":[{"introduced":"7f6b3fab4e8d4b97e73d5ca60ddc5a3d0f5880d2"},{"fixed":"dff6c0821ed54f6fbf5b755af43f54cbb723b1b1"}],"database_specific":{"cpe":"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0.10.0"},{"fixed":"0.11.2"}],"source":"CPE_RANGE"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-5351.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}