4 files changed, 160 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch
new file mode 100644
index 0000000000..30198df0f4
--- /dev/null
+++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch
@@ -0,0 +1,57 @@
+From 266174a6d36687b65cf90174f06af90b8b27c65f Mon Sep 17 00:00:00 2001
+From: Francesco Rollo <eferollo@gmail.com>
+Date: Thu, 24 Jul 2025 16:30:07 +0300
+Subject: [PATCH 1/3] CVE-2025-8277: Fix memory leak of unused ephemeral key
+ pair after client's wrong KEX guess
+Signed-off-by: Francesco Rollo <eferollo@gmail.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit ccff22d3787c1355b3f0dcd09fe54d90acc55bf1)
+CVE: CVE-2025-8277
+Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f]
+Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
+---
+ src/ecdh_gcrypt.c     | 6 ++++++
+ src/ecdh_mbedcrypto.c | 6 ++++++
+ 2 files changed, 12 insertions(+)
+diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
+index bc45adf7..b2e5390c 100644
+--- a/src/ecdh_gcrypt.c
+++ b/src/ecdh_gcrypt.c
+@@ -101,6 +101,12 @@ int ssh_client_ecdh_init(ssh_session session)
+         goto out;
+     }
+ 
+    /* Free any previously allocated privkey */
+    if (session->next_crypto->ecdh_privkey != NULL) {
+        gcry_sexp_release(session->next_crypto->ecdh_privkey);
+        session->next_crypto->ecdh_privkey = NULL;
+    }
+
+     session->next_crypto->ecdh_privkey = key;
+     key = NULL;
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
+index fa350028..f7b0301b 100644
+--- a/src/ecdh_mbedcrypto.c
+++ b/src/ecdh_mbedcrypto.c
+@@ -65,6 +65,12 @@ int ssh_client_ecdh_init(ssh_session session)
+         return SSH_ERROR;
+     }
+ 
+    /* Free any previously allocated privkey */
+    if (session->next_crypto->ecdh_privkey != NULL) {
+        mbedtls_ecp_keypair_free(session->next_crypto->ecdh_privkey);
+        SAFE_FREE(session->next_crypto->ecdh_privkey);
+    }
+
+     session->next_crypto->ecdh_privkey = malloc(sizeof(mbedtls_ecp_keypair));
+     if (session->next_crypto->ecdh_privkey == NULL) {
+         return SSH_ERROR;
+-- 
+2.48.1
diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch
new file mode 100644
index 0000000000..87a4b684a4
--- /dev/null
+++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch
@@ -0,0 +1,50 @@
+From 8e4d67aa9eda455bfad9ac610e54b7a548d0aa08 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Wed, 6 Aug 2025 11:10:38 +0200
+Subject: [PATCH 2/3] CVE-2025-8277: ecdh: Free previously allocated pubkeys
+Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit c9d95ab0c7a52b231bcec09afbea71944ed0d852)
+CVE: CVE-2025-8277
+Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08]
+Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
+---
+ src/ecdh_crypto.c | 1 +
+ src/ecdh_gcrypt.c | 3 ++-
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c
+index a3c78469..bb4c3fc0 100644
+--- a/src/ecdh_crypto.c
+++ b/src/ecdh_crypto.c
+@@ -106,6 +106,7 @@ int ssh_client_ecdh_init(ssh_session session){
+   }
+ 
+   session->next_crypto->ecdh_privkey = key;
+  ssh_string_free(session->next_crypto->ecdh_client_pubkey);
+   session->next_crypto->ecdh_client_pubkey = client_pubkey;
+ 
+   rc = ssh_packet_send(session);
+diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
+index b2e5390c..e998a582 100644
+--- a/src/ecdh_gcrypt.c
+++ b/src/ecdh_gcrypt.c
+@@ -106,9 +106,10 @@ int ssh_client_ecdh_init(ssh_session session)
+         gcry_sexp_release(session->next_crypto->ecdh_privkey);
+         session->next_crypto->ecdh_privkey = NULL;
+     }
+-
+     session->next_crypto->ecdh_privkey = key;
+     key = NULL;
+
+    SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+     client_pubkey = NULL;
+ 
+-- 
+2.48.1
diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch
new file mode 100644
index 0000000000..9e1519072f
--- /dev/null
+++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch
@@ -0,0 +1,50 @@
+From 1c763e29d138db87665e98983f468d2dd0f286c1 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Wed, 6 Aug 2025 15:32:56 +0200
+Subject: [PATCH 3/3] CVE-2025-8277: mbedtls: Avoid leaking ecdh keys
+Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit ffed80f8c078122990a4eba2b275facd56dd43e0)
+CVE: CVE-2025-8277
+Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1]
+Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
+---
+ src/ecdh_mbedcrypto.c | 1 +
+ src/wrapper.c         | 5 ++++-
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
+index f7b0301b..ab323a7e 100644
+--- a/src/ecdh_mbedcrypto.c
+++ b/src/ecdh_mbedcrypto.c
+@@ -109,6 +109,7 @@ int ssh_client_ecdh_init(ssh_session session)
+         goto out;
+     }
+ 
+    SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+     client_pubkey = NULL;
+ 
+diff --git a/src/wrapper.c b/src/wrapper.c
+index 6e15d54e..fc1110f4 100644
+--- a/src/wrapper.c
+++ b/src/wrapper.c
+@@ -169,7 +169,10 @@ void crypto_free(struct ssh_crypto_struct *crypto)
+         EC_KEY_free(crypto->ecdh_privkey);
+ #elif defined HAVE_GCRYPT_ECC
+         gcry_sexp_release(crypto->ecdh_privkey);
+-#endif
+#elif defined HAVE_LIBMBEDCRYPTO
+        mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
+        SAFE_FREE(crypto->ecdh_privkey);
+#endif /* HAVE_LIBGCRYPT */
+         crypto->ecdh_privkey = NULL;
+     }
+ #endif
+-- 
+2.48.1
diff --git a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb
index 28e3fe2588..891b2c38ac 100644
--- a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb
+++ b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb
@@ -24,6 +24,9 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
           file://CVE-2025-4877.patch \
           file://CVE-2025-4878-1.patch \
           file://CVE-2025-4878-2.patch \
+           file://CVE-2025-8277-1.patch \
+           file://CVE-2025-8277-2.patch \
+           file://CVE-2025-8277-3.patch \
          "
 SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8"

diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch new file mode 100644 index 0000000000..30198df0f4 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-1.patch
@@ -0,0 +1,57 @@
		1	From 266174a6d36687b65cf90174f06af90b8b27c65f Mon Sep 17 00:00:00 2001
		2	From: Francesco Rollo <eferollo@gmail.com>
		3	Date: Thu, 24 Jul 2025 16:30:07 +0300
		4	Subject: [PATCH 1/3] CVE-2025-8277: Fix memory leak of unused ephemeral key
		5	pair after client's wrong KEX guess
		6
		7	Signed-off-by: Francesco Rollo <eferollo@gmail.com>
		8	Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
		9	(cherry picked from commit ccff22d3787c1355b3f0dcd09fe54d90acc55bf1)
		10
		11	CVE: CVE-2025-8277
		12
		13	Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=266174a6d36687b65cf90174f06af90b8b27c65f]
		14
		15	Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
		16	---
		17	src/ecdh_gcrypt.c \| 6 ++++++
		18	src/ecdh_mbedcrypto.c \| 6 ++++++
		19	2 files changed, 12 insertions(+)
		20
		21	diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
		22	index bc45adf7..b2e5390c 100644
		23	--- a/src/ecdh_gcrypt.c
		24	+++ b/src/ecdh_gcrypt.c
		25	@@ -101,6 +101,12 @@ int ssh_client_ecdh_init(ssh_session session)
		26	goto out;
		27	}
		28
		29	+ /* Free any previously allocated privkey */
		30	+ if (session->next_crypto->ecdh_privkey != NULL) {
		31	+ gcry_sexp_release(session->next_crypto->ecdh_privkey);
		32	+ session->next_crypto->ecdh_privkey = NULL;
		33	+ }
		34	+
		35	session->next_crypto->ecdh_privkey = key;
		36	key = NULL;
		37	session->next_crypto->ecdh_client_pubkey = client_pubkey;
		38	diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
		39	index fa350028..f7b0301b 100644
		40	--- a/src/ecdh_mbedcrypto.c
		41	+++ b/src/ecdh_mbedcrypto.c
		42	@@ -65,6 +65,12 @@ int ssh_client_ecdh_init(ssh_session session)
		43	return SSH_ERROR;
		44	}
		45
		46	+ /* Free any previously allocated privkey */
		47	+ if (session->next_crypto->ecdh_privkey != NULL) {
		48	+ mbedtls_ecp_keypair_free(session->next_crypto->ecdh_privkey);
		49	+ SAFE_FREE(session->next_crypto->ecdh_privkey);
		50	+ }
		51	+
		52	session->next_crypto->ecdh_privkey = malloc(sizeof(mbedtls_ecp_keypair));
		53	if (session->next_crypto->ecdh_privkey == NULL) {
		54	return SSH_ERROR;
		55	--
		56	2.48.1
		57


diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch new file mode 100644 index 0000000000..87a4b684a4 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-2.patch
@@ -0,0 +1,50 @@
		1	From 8e4d67aa9eda455bfad9ac610e54b7a548d0aa08 Mon Sep 17 00:00:00 2001
		2	From: Jakub Jelen <jjelen@redhat.com>
		3	Date: Wed, 6 Aug 2025 11:10:38 +0200
		4	Subject: [PATCH 2/3] CVE-2025-8277: ecdh: Free previously allocated pubkeys
		5
		6	Signed-off-by: Jakub Jelen <jjelen@redhat.com>
		7	Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
		8	(cherry picked from commit c9d95ab0c7a52b231bcec09afbea71944ed0d852)
		9
		10	CVE: CVE-2025-8277
		11
		12	Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=8e4d67aa9eda455bfad9ac610e54b7a548d0aa08]
		13
		14	Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
		15	---
		16	src/ecdh_crypto.c \| 1 +
		17	src/ecdh_gcrypt.c \| 3 ++-
		18	2 files changed, 3 insertions(+), 1 deletion(-)
		19
		20	diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c
		21	index a3c78469..bb4c3fc0 100644
		22	--- a/src/ecdh_crypto.c
		23	+++ b/src/ecdh_crypto.c
		24	@@ -106,6 +106,7 @@ int ssh_client_ecdh_init(ssh_session session){
		25	}
		26
		27	session->next_crypto->ecdh_privkey = key;
		28	+ ssh_string_free(session->next_crypto->ecdh_client_pubkey);
		29	session->next_crypto->ecdh_client_pubkey = client_pubkey;
		30
		31	rc = ssh_packet_send(session);
		32	diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
		33	index b2e5390c..e998a582 100644
		34	--- a/src/ecdh_gcrypt.c
		35	+++ b/src/ecdh_gcrypt.c
		36	@@ -106,9 +106,10 @@ int ssh_client_ecdh_init(ssh_session session)
		37	gcry_sexp_release(session->next_crypto->ecdh_privkey);
		38	session->next_crypto->ecdh_privkey = NULL;
		39	}
		40	-
		41	session->next_crypto->ecdh_privkey = key;
		42	key = NULL;
		43	+
		44	+ SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
		45	session->next_crypto->ecdh_client_pubkey = client_pubkey;
		46	client_pubkey = NULL;
		47
		48	--
		49	2.48.1
		50


diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch new file mode 100644 index 0000000000..9e1519072f --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2025-8277-3.patch
@@ -0,0 +1,50 @@
		1	From 1c763e29d138db87665e98983f468d2dd0f286c1 Mon Sep 17 00:00:00 2001
		2	From: Jakub Jelen <jjelen@redhat.com>
		3	Date: Wed, 6 Aug 2025 15:32:56 +0200
		4	Subject: [PATCH 3/3] CVE-2025-8277: mbedtls: Avoid leaking ecdh keys
		5
		6	Signed-off-by: Jakub Jelen <jjelen@redhat.com>
		7	Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
		8	(cherry picked from commit ffed80f8c078122990a4eba2b275facd56dd43e0)
		9
		10	CVE: CVE-2025-8277
		11
		12	Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=1c763e29d138db87665e98983f468d2dd0f286c1]
		13
		14	Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
		15	---
		16	src/ecdh_mbedcrypto.c \| 1 +
		17	src/wrapper.c \| 5 ++++-
		18	2 files changed, 5 insertions(+), 1 deletion(-)
		19
		20	diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c
		21	index f7b0301b..ab323a7e 100644
		22	--- a/src/ecdh_mbedcrypto.c
		23	+++ b/src/ecdh_mbedcrypto.c
		24	@@ -109,6 +109,7 @@ int ssh_client_ecdh_init(ssh_session session)
		25	goto out;
		26	}
		27
		28	+ SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
		29	session->next_crypto->ecdh_client_pubkey = client_pubkey;
		30	client_pubkey = NULL;
		31
		32	diff --git a/src/wrapper.c b/src/wrapper.c
		33	index 6e15d54e..fc1110f4 100644
		34	--- a/src/wrapper.c
		35	+++ b/src/wrapper.c
		36	@@ -169,7 +169,10 @@ void crypto_free(struct ssh_crypto_struct *crypto)
		37	EC_KEY_free(crypto->ecdh_privkey);
		38	#elif defined HAVE_GCRYPT_ECC
		39	gcry_sexp_release(crypto->ecdh_privkey);
		40	-#endif
		41	+#elif defined HAVE_LIBMBEDCRYPTO
		42	+ mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
		43	+ SAFE_FREE(crypto->ecdh_privkey);
		44	+#endif /* HAVE_LIBGCRYPT */
		45	crypto->ecdh_privkey = NULL;
		46	}
		47	#endif
		48	--
		49	2.48.1
		50


diff --git a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb index 28e3fe2588..891b2c38ac 100644 --- a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb +++ b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb
@@ -24,6 +24,9 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable
24	file://CVE-2025-4877.patch \	24	file://CVE-2025-4877.patch \
25	file://CVE-2025-4878-1.patch \	25	file://CVE-2025-4878-1.patch \
26	file://CVE-2025-4878-2.patch \	26	file://CVE-2025-4878-2.patch \
		27	file://CVE-2025-8277-1.patch \
		28	file://CVE-2025-8277-2.patch \
		29	file://CVE-2025-8277-3.patch \
27	"	30	"
28	SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8"	31	SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8"
29		32