CVE-2025-5318
Published: 24 June 2025
Summary
CVE-2025-5318 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Red Hat Enterprise Linux. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique OS Credential Dumping (T1003). The CVE ranks at the 39.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23900
Vulnerability details
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affecting service behavior.
Related Threats
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Out-of-bounds read in libssh SFTP handle permits authenticated remote access to unintended memory regions in the server process, facilitating OS Credential Dumping by potentially exposing credentials or sensitive data from process memory.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.