CVE-2025-5372: 
NixOS vulnerability analysis and mitigation

A critical vulnerability (CVE-2025-5372) was discovered in libssh versions built with OpenSSL versions older than 3.0. The flaw specifically affects the ssh_kdf() function responsible for key derivation. The vulnerability was reported on May 30, 2025, and stems from inconsistent interpretation of return values between OpenSSL and libssh, where OpenSSL uses 0 to indicate failure while libssh interprets 0 as success (MITRE CVE, NVD).

The vulnerability occurs in the ssh_kdf() function where return value interpretation mismatches between OpenSSL and libssh lead to incorrect success status returns during key derivation failures. This results in uninitialized cryptographic key buffers being used in subsequent communications. The vulnerability has been assigned a CVSS v3.1 base score of 5.0 (Medium) with the vector string CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L, indicating network vector attack with high complexity and low privileges required (Red Hat CVE).

The vulnerability can potentially compromise SSH sessions' confidentiality, integrity, and availability. When exploited, it may lead to the use of uninitialized cryptographic keys, affecting the encryption and decryption of SSH traffic. This could result in data leakage, integrity issues, or denial of service during SSH communication (Red Hat Bugzilla).

Several Linux distributions have released fixes for the vulnerability. Ubuntu has fixed the issue in versions 25.04 (plucky), 24.10 (oracular), 24.04 LTS (noble), and 22.04 LTS (jammy). Debian has addressed the vulnerability in version 0.11.2-1 for trixie and sid releases. Users are advised to update to the latest patched versions of libssh (Ubuntu Security, Debian Security).