CVE-2025-5987

8.1 HIGH

📋 TL;DR

This vulnerability in libssh occurs when using ChaCha20 cipher with OpenSSL, where heap exhaustion errors aren't properly detected, leading to use of partially initialized cipher contexts. This can result in undefined behavior including data compromise or crashes. Systems using libssh with OpenSSL and ChaCha20 cipher are affected.

💻 Affected Systems

Products:
  • libssh
  • applications using libssh library
Versions: Specific versions not provided in CVE description, but Red Hat advisories indicate affected versions in their distributions
Operating Systems: Linux distributions (particularly Red Hat variants), Any OS using vulnerable libssh versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects configurations using ChaCha20 cipher with OpenSSL backend. Other ciphers or backends are not vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of SSH session confidentiality and integrity, allowing attackers to decrypt or manipulate traffic, potentially leading to full system compromise.

🟠 Likely Case

SSH session crashes or data corruption, causing service disruption and potential information disclosure.

🟢 If Mitigated

Limited impact with proper network segmentation and monitoring, though risk remains for vulnerable systems.

🌐 Internet-Facing: HIGH - SSH servers exposed to the internet are directly vulnerable to attacks targeting this cipher implementation.
🏢 Internal Only: MEDIUM - Internal SSH connections could be exploited by compromised internal systems or malicious insiders.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires attacker to exhaust heap memory and trigger the specific error condition during SSH session establishment with ChaCha20 cipher.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Red Hat advisories for specific patched versions (RHSA-2025:23483, RHSA-2025:23484, RHSA-2026:0427, RHSA-2026:0428, RHSA-2026:0430)

Vendor Advisory: https://access.redhat.com/errata/RHSA-2025:23483

Restart Required: Yes

Instructions:

1. Identify affected libssh packages.
2. Apply vendor patches via package manager.
3. Restart SSH services and applications using libssh.
4. Verify patch application.

🔧 Temporary Workarounds

Disable ChaCha20 cipher

linux

Remove ChaCha20 from allowed SSH ciphers to prevent exploitation

In sshd_config: Ciphers aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com
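
A check for the workaround above, as an added example (not from the advisory or the libssh project): it reads an sshd_config-style file and reports whether ChaCha20 is still permitted. It assumes OpenSSH `Ciphers` semantics (the first directive wins, the built-in default list includes chacha20-poly1305@openssh.com, and `-` lists may use wildcards); it does not follow Include directives, and the function name is hypothetical.

```shell
#!/bin/sh
# Added example: report whether an sshd_config-style file still permits ChaCha20.
# Assumption: OpenSSH semantics - the first Ciphers line wins, and the built-in
# default list (used when no Ciphers line exists) includes ChaCha20.
CHACHA='chacha20-poly1305@openssh.com'

# Prints "allowed" or "disabled" for the config file given as $1.
chacha20_status() {
    # First non-comment Ciphers directive; the keyword is case-insensitive.
    value=$(awk 'tolower($1) == "ciphers" { print $2; exit }' "$1")
    case "$value" in
        '')       echo allowed; return ;;  # no directive: default list applies
        +*|'^'*)  echo allowed; return ;;  # default list kept, entries added or reordered
        -*)       mode=remove; value=${value#-} ;;
        *)        mode=replace ;;
    esac
    hit=no
    old_ifs=$IFS; IFS=,
    set -f                                 # do not expand wildcards against files
    for pat in $value; do
        # Removal entries may be wildcard patterns such as chacha20*.
        case "$CHACHA" in $pat) hit=yes ;; esac
    done
    set +f; IFS=$old_ifs
    if [ "$mode" = remove ]; then
        # "-" list: ChaCha20 is gone only if some entry matched it.
        [ "$hit" = yes ] && echo disabled || echo allowed
    else
        # Explicit list: ChaCha20 is present only if it is named.
        [ "$hit" = yes ] && echo allowed || echo disabled
    fi
}

# Stand-alone use: sh check.sh /etc/ssh/sshd_config
if [ $# -gt 0 ]; then
    chacha20_status "$1"
fi
```

A result of "allowed" on a host that cannot be patched yet means the workaround is not in effect for that file.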

🧯 If You Can't Patch

  • Implement strict network segmentation to limit SSH access to trusted sources only
  • Deploy additional monitoring and alerting for SSH connection failures and memory exhaustion events

🔍 How to Verify

Check if Vulnerable:

Check the libssh version and configuration: run 'ssh -Q cipher' to see if ChaCha20 is enabled, and compare the installed libssh version against the patched releases.

Check Version:

rpm -q libssh || dpkg -l 'libssh*'

Verify Fix Applied:

Verify that the patched libssh version is installed, and that the ChaCha20 cipher is either disabled or running on a confirmed patched version.

📡 Detection & Monitoring

Log Indicators:

  • SSH connection failures with memory allocation errors
  • Unexpected SSH session terminations
  • System logs showing memory exhaustion

Network Indicators:

  • Multiple failed SSH connection attempts targeting ChaCha20 cipher
  • Unusual SSH traffic patterns

SIEM Query:

source="sshd" AND ("memory" OR "heap" OR "allocation") AND ("error" OR "failed" OR "terminated")
