A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Because the two libraries interpret return values inconsistently (OpenSSL uses 0 to indicate failure, while libssh uses 0 for success), the function may mistakenly return a success status even when key derivation fails. As a result, uninitialized cryptographic key buffers are used in subsequent communication, potentially compromising the confidentiality, integrity, and availability of SSH sessions.
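The return-value mismatch described above, shown as an added C example; this is illustrative code written for this page, not libssh's own ssh_kdf() or the upstream fix. The function `openssl_style_kdf()` is a constructed stand-in that only mimics the OpenSSL convention (1 on success, 0 on failure, output buffer untouched on failure); `ssh_kdf_buggy()`, `ssh_kdf_fixed()`, `proceeds_with_unset_key()` and the `fail` parameter are assumptions made for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* libssh-style status codes: 0 means success, -1 means error. */
#define SSH_OK     0
#define SSH_ERROR -1

/* Constructed stand-in for an OpenSSL-style KDF call. Like most OpenSSL
 * APIs it returns 1 on success and 0 on failure, and it never writes to
 * `out` when it fails, which is what leaves a key buffer uninitialized.
 * `fail` forces the failure path so both outcomes can be exercised. */
static int openssl_style_kdf(int fail, const uint8_t *secret, size_t secret_len,
                             uint8_t *out, size_t out_len)
{
    if (fail || secret == NULL || secret_len == 0 || out == NULL)
        return 0;                       /* OpenSSL convention: 0 = failure */
    /* Placeholder derivation, not a real KDF: repeat the secret. */
    for (size_t i = 0; i < out_len; i++)
        out[i] = secret[i % secret_len];
    return 1;                           /* OpenSSL convention: 1 = success */
}

/* Buggy pattern: the caller assumes a "negative means error" convention,
 * so OpenSSL's 0 (failure) falls through and is reported as SSH_OK. */
static int ssh_kdf_buggy(int fail, const uint8_t *secret, size_t secret_len,
                         uint8_t *key, size_t key_len)
{
    int rc = openssl_style_kdf(fail, secret, secret_len, key, key_len);
    if (rc < 0)                         /* never true for an OpenSSL-style API */
        return SSH_ERROR;
    return SSH_OK;                      /* failure (rc == 0) is mislabeled as success */
}

/* Corrected pattern: translate between the two conventions explicitly and
 * never hand back a key buffer that the KDF did not fill. */
static int ssh_kdf_fixed(int fail, const uint8_t *secret, size_t secret_len,
                         uint8_t *key, size_t key_len)
{
    int rc = openssl_style_kdf(fail, secret, secret_len, key, key_len);
    if (rc != 1) {
        memset(key, 0, key_len);        /* leave nothing stale behind */
        return SSH_ERROR;
    }
    return SSH_OK;
}

/* Runs one derivation against a sentinel-filled key buffer (the sentinel
 * stands in for uninitialized memory) and returns 1 if the caller would
 * proceed with SSH_OK while the buffer was never written, else 0. */
static int proceeds_with_unset_key(int (*kdf)(int, const uint8_t *, size_t,
                                              uint8_t *, size_t),
                                   int fail)
{
    static const uint8_t secret[] = { 0x01, 0x02, 0x03, 0x04 }; /* constructed */
    uint8_t key[16];
    memset(key, 0xAA, sizeof key);
    int status = kdf(fail, secret, sizeof secret, key, sizeof key);
    int untouched = 1;
    for (size_t i = 0; i < sizeof key; i++) {
        if (key[i] != 0xAA) { untouched = 0; break; }
    }
    return status == SSH_OK && untouched;
}

int main(void)
{
    printf("buggy ssh_kdf, KDF failure: proceeds with unset key = %d\n",
           proceeds_with_unset_key(ssh_kdf_buggy, 1));   /* 1: the flaw */
    printf("fixed ssh_kdf, KDF failure: proceeds with unset key = %d\n",
           proceeds_with_unset_key(ssh_kdf_fixed, 1));   /* 0: error surfaced */
    printf("buggy ssh_kdf, KDF success: proceeds with unset key = %d\n",
           proceeds_with_unset_key(ssh_kdf_buggy, 0));   /* 0: key was written */
    return 0;
}
```

The point for a reviewer or auditor is the `rc < 0` check: it is correct for POSIX-style APIs and silently wrong for OpenSSL-style ones, so any wrapper that crosses that boundary should compare against the exact success value (`rc != 1`) and clear or discard the output buffer on failure.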
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 5 | Medium | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |

| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 8 | Red Hat | < 5.2.2.2950 build 20241114 |
| Red Hat Enterprise Linux 9 | Red Hat | < h5.2.2.2952 build 20241116 |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | Red Hat | 1.0.2 |
| Red Hat Enterprise Linux 10 | Red Hat | < h5.1.9.2954 build 20241120 |
| Red Hat Enterprise Linux 8 | Red Hat | 1.0.1 |
| Red Hat Enterprise Linux 6 | Red Hat | < 10.0.19045.3208 |
| Red Hat Enterprise Linux 7 | Red Hat | See HP Security Bulletin reference for affected versions. |
| Red Hat OpenShift Container Platform 4 | Red Hat | n/a |