CVE-2025-5351 – LibSSH Double Free Vulnerability

CVE ID : CVE-2025-5351

Published : July 4, 2025, 9:15 a.m. | 1 hour, 44 minutes ago

Description : A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.

Severity: 4.2 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…