===========================================================
== Subject:     Double free in functions exporting keys
==
== CVE ID#:     CVE-2025-5351
==
== Versions:    libssh >= 0.10.0, built with OpenSSL >= 3.0
==
== Summary:     Exporting keys can cause a double free corruption on certain errors
==
===========================================================

===========
Description
===========

pki_key_to_blob() can cause a double free on certain errors when using
OpenSSL >= 3.0. The function is used by several other functions that
export public or private keys to blobs or base64.

The function does not reset the variable params to NULL after freeing it.
Under low-memory conditions, when the allocation of a string fails, libssh
calls OSSL_PARAM_free() again with the same argument, which will likely
crash.

==================
Patch Availability
==================

Patches addressing the issues have been posted to:

    https://www.libssh.org/security/

Additionally, libssh 0.11.2 has been issued as a security release to
correct the defect. SSH administrators are advised to upgrade to this
release or apply the patch as soon as possible.

==================
CVSSv3 calculation
==================

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C (3.8)

==========
Workaround
==========

None

=======
Credits
=======

Originally reported by Ronald Crane (Hackerone: tdp3kel9g) via Zippenhop LLC
Patches provided by Jakub Jelen from the libssh team.

==========================================================
== The libssh team
==========================================================
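
The pattern from the Description, as an added example that is not libssh's code or the actual patch: a pointer is released mid-function, left dangling, and released again by the shared error path. The names params_new(), params_free() and export_key() are hypothetical stand-ins, the release is only recorded rather than performed so the demo does not corrupt the heap, and resetting the pointer to NULL is assumed as the remedy because that is the omission the advisory names.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for an OSSL_PARAM array. The 'released' flag lets
 * the demo detect a second release without really corrupting the heap. */
struct params { int released; };
static struct params pool;        /* single backing object for the demo */
static int double_frees;          /* repeated releases observed */

static struct params *params_new(void) { pool.released = 0; return &pool; }

/* Stand-in for OSSL_PARAM_free(); like free(), NULL is a no-op. */
static void params_free(struct params *p)
{
    if (p == NULL)
        return;
    if (p->released)
        double_frees++;           /* a real allocator would be corrupted */
    p->released = 1;
}

/* Simplified export routine; returns the number of double frees it caused.
 * reset_after_free=0 reproduces the defect, 1 resets the pointer to NULL. */
static int export_key(int reset_after_free, int string_alloc_fails)
{
    struct params *params = params_new();
    char *str;
    double_frees = 0;
    /* ... key components would be read out of params here ... */
    params_free(params);          /* first release */
    if (reset_after_free)
        params = NULL;            /* later cleanup becomes a no-op */

    /* string_alloc_fails simulates the low-memory condition (constructed) */
    str = string_alloc_fails ? NULL : malloc(32);
    if (str == NULL)
        goto fail;
    free(str);                    /* success: blob would be returned */
    return double_frees;
fail:
    params_free(params);          /* shared cleanup on the error path */
    return double_frees;
}

int main(void)
{
    printf("no reset, alloc fails: %d double free(s)\n", export_key(0, 1));
    printf("reset,    alloc fails: %d double free(s)\n", export_key(1, 1));
    return 0;
}
```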