CVE-2025-8277
Deferred Deferred - Pending Action
BaseFortify

Publication date: 2025-09-09

Last updated on: 2026-05-19

Assigner: Red Hat, Inc.

Description
A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-09
Last Modified
2026-05-19
Generated
2026-06-16
AI Q&A
2025-09-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-8277
EUVD
EUVD-2025-27246
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
libssh libssh *
mbedtls mbedtls *
libgcrypt libgcrypt *
openssl openssl *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

The vulnerability can cause client-side application instability and availability issues by exhausting system memory through repeated incorrect key exchange attempts. This can lead to crashes or denial-of-service conditions on the client side, especially when using cryptographic backends like libgcrypt. [1]

Executive Summary

This vulnerability is a memory exhaustion issue in the libssh library's key exchange (KEX) process. When an authenticated client repeatedly sends incorrect guesses during rekeying attempts, libssh fails to free previously allocated memory for ephemeral key pairs. This causes a memory leak that gradually consumes system memory, potentially leading to client-side crashes and denial-of-service conditions. [1]

Detection Guidance

This vulnerability involves a memory leak triggered by an authenticated client repeatedly sending incorrect key exchange guesses to libssh. Detection would involve monitoring client-side memory usage for abnormal increases during SSH sessions using libssh versions 0.6.0 and later. Network detection could focus on identifying repeated rekeying attempts with incorrect first_kex_packet_follows parameters from authenticated clients. However, no specific detection commands are provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include updating libssh to a version later than 0.6.0 where this memory leak issue is fixed. Additionally, restricting or monitoring authenticated client rekey attempts to prevent repeated incorrect KEX guesses can reduce exploitation risk. Since the vulnerability affects client-side memory, ensuring clients use patched versions and limiting exposure to untrusted servers or clients is advisable. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-8277. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart