
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-5449 is a security vulnerability affecting libssh versions 0.11.0 and 0.11.1, specifically in the SFTP server message decoding functionality. The vulnerability was discovered and disclosed on June 25, 2025, and involves an incorrect packet length check in the sftp_decode_channel_data_to_packet() function used in the sftp server implementation (LibSSH Advisory).
The vulnerability stems from an integer overflow in the packet length check: a malicious client can send an invalid SFTP packet whose payload size field is set to the value 0x7ffffffc (2GB - 3B). On 32-bit platforms this value incorrectly passes the validity check in the sftp_decode_channel_data_to_packet() function. The vulnerability has been assigned a CVSS v3.1 score of 3.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C) (LibSSH Advisory).
While the vulnerability could potentially lead to buffer bounds issues, the actual impact is limited to a self-DoS (Denial of Service) of the SFTP server process. This is because the ssh_buffer_add_data() function refuses to allocate buffers larger than 256MB, which prevents an actual buffer overflow from being reached. The vulnerability is only exploitable on SFTP servers running on 32-bit platforms (LibSSH Advisory).
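The following C program is an added illustration of the bug class described above; it is not libssh's code, which this record does not reproduce. It models a 32-bit platform by doing all size arithmetic in uint32_t: a naive length check that adds fixed framing overhead to a client-controlled 32-bit length can wrap past zero and accept an impossible length, while a check that subtracts the overhead from the known-good remaining byte count (after proving the subtraction cannot underflow) cannot be wrapped. The framing layout, the value 0xFFFFFFFE used to trigger the wrap, and the function names are constructed for the example; the specific value 0x7ffffffc cited by the advisory depends on the exact form of libssh's own check. The last function models the 256MB allocation cap the record credits with limiting the impact to a self-DoS.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed framing, loosely SFTP-shaped: a 4-byte big-endian length
 * field followed by a 1-byte message type. Not libssh's layout. */
#define LEN_FIELD  4u
#define TYPE_FIELD 1u

/* All sizes are uint32_t to model a 32-bit platform where size_t is 32 bits. */

/* Naive check: adds the framing overhead to the client-controlled length
 * before comparing. In 32-bit arithmetic the sum can wrap to a small number,
 * so an absurd length is accepted. */
bool naive_len_ok(uint32_t payload_len, uint32_t avail)
{
    uint32_t needed = payload_len + LEN_FIELD + TYPE_FIELD; /* may wrap */
    return needed <= avail;
}

/* Overflow-safe check: prove the fixed overhead fits first, then compare the
 * client-controlled length against what remains. No addition on the
 * untrusted value, so nothing can wrap. */
bool safe_len_ok(uint32_t payload_len, uint32_t avail)
{
    if (avail < LEN_FIELD + TYPE_FIELD) {
        return false;
    }
    return payload_len <= avail - LEN_FIELD - TYPE_FIELD;
}

/* Second line of defence, modelled on the 256MB cap the record attributes to
 * ssh_buffer_add_data(): even when a length check is wrong, a hard ceiling on
 * buffer growth turns a would-be overflow into a refused allocation. */
#define MAX_BUFFER_BYTES (256u * 1024u * 1024u)

bool buffer_alloc_allowed(uint32_t requested)
{
    return requested <= MAX_BUFFER_BYTES;
}

int main(void)
{
    const uint32_t avail = 64;            /* constructed: bytes actually received */
    const uint32_t hostile = 0xFFFFFFFEu; /* constructed: wraps 0xFFFFFFFE + 5 to 3 */

    printf("naive check accepts 0x%08x: %s\n", hostile,
           naive_len_ok(hostile, avail) ? "yes (wrapped)" : "no");
    printf("safe  check accepts 0x%08x: %s\n", hostile,
           safe_len_ok(hostile, avail) ? "yes" : "no");
    printf("allocation of 0x%08x allowed: %s\n", hostile,
           buffer_alloc_allowed(hostile) ? "yes" : "no");
    return 0;
}
```

The pattern to look for in review is any bounds check of the form `untrusted + constant > limit`; rewriting it as `untrusted > limit - constant` with a prior `limit >= constant` guard removes the wrap regardless of the platform's word size.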
The vulnerability has been fixed in libssh version 0.11.2. System administrators are strongly advised to upgrade to this version as soon as possible. No alternative workarounds are available for this vulnerability (LibSSH Advisory, OSS Security).
Source: This report was generated using AI