CVE-2025-8277: mbedtls: Avoid leaking ecdh keys

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit ffed80f8c0)
2026-02-04 12:20:42 +09:00 · 2025-08-06 15:32:56 +02:00
parent 7d85085d2a
commit 1c763e29d1
2 changed files with 5 additions and 1 deletions
--- a/src/ecdh_mbedcrypto.c
+++ b/src/ecdh_mbedcrypto.c
@@ -116,6 +116,7 @@ int ssh_client_ecdh_init(ssh_session session)
        goto out;
    }

+    SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
    session->next_crypto->ecdh_client_pubkey = client_pubkey;
    client_pubkey = NULL;

--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -181,7 +181,10 @@ void crypto_free(struct ssh_crypto_struct *crypto)
 #endif /* OPENSSL_VERSION_NUMBER */
 #elif defined HAVE_GCRYPT_ECC
        gcry_sexp_release(crypto->ecdh_privkey);
-#endif
+#elif defined HAVE_LIBMBEDCRYPTO
+        mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
+        SAFE_FREE(crypto->ecdh_privkey);
+#endif /* HAVE_LIBGCRYPT */
        crypto->ecdh_privkey = NULL;
    }
 #endif