Issued:: 2025-11-03
Updated:: 2025-11-03

RHSA-2025:19400 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: libssh security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libssh is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2369131 - CVE-2025-5318 libssh: out-of-bounds read in sftp_handle()

CVEs

CVE-2025-5318

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libssh-0.9.0-4.el8_2.1.src.rpm	SHA-256: e9476893e0b773a24b2a8e18dc00ede11e773b5cdad536465945032d86e162e1
x86_64
libssh-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 624dbac71deaf43560d2e76443da378c526b63fc6aa6941c20c1da93867c1942
libssh-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 59fe0e6e6d982a9aa5e7d23688ceb0643b0160e82eca16ca4285ebf01eb9ad3a
libssh-config-0.9.0-4.el8_2.1.noarch.rpm	SHA-256: 1815a7458fe499a194fe2df49e4e833ef88cb5deb7d5ddae6dac5813abe35f1a
libssh-debuginfo-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 489781035b29997f25395017e8cb0d1b9caf48cc681a07781ad8c6731e20b538
libssh-debuginfo-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 489781035b29997f25395017e8cb0d1b9caf48cc681a07781ad8c6731e20b538
libssh-debuginfo-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 8d97c25884a73b7f2a24730215f2f6b5abb6ef64c7881e557bf5ff23ffa605dc
libssh-debuginfo-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 8d97c25884a73b7f2a24730215f2f6b5abb6ef64c7881e557bf5ff23ffa605dc
libssh-debugsource-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 87164afe53024d2a0256328dff204483208dfede3313b944b81b413c3f774023
libssh-debugsource-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 87164afe53024d2a0256328dff204483208dfede3313b944b81b413c3f774023
libssh-debugsource-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 911f0fa45a21f1311b205fa80a842cfc1f4d8b1c5329034d68427c344ba9c75e
libssh-debugsource-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 911f0fa45a21f1311b205fa80a842cfc1f4d8b1c5329034d68427c344ba9c75e
libssh-devel-0.9.0-4.el8_2.1.i686.rpm	SHA-256: 6c219d7cfba604ff2d744d4996eedca5eff7a349639b913d13031bf4eb5ae8b7
libssh-devel-0.9.0-4.el8_2.1.x86_64.rpm	SHA-256: 9ccd66a32c8ac6eef9ee669ad979bfc1141c6f691a391016e6019bc4ad2f0b6b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation