shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 10:40:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2025-8277: mbedtls: Avoid leaking ecdh keys

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2025-08-06 15:32:56 +02:00
parent 9ada7aa0e4
commit ffed80f8c0
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/wrapper.c
View File

@@ -182,7 +182,10 @@ void crypto_free(struct ssh_crypto_struct *crypto)
#endif /* OPENSSL_VERSION_NUMBER */
#elif defined HAVE_GCRYPT_ECC
gcry_sexp_release(crypto->ecdh_privkey);
#endif
#elif defined HAVE_LIBMBEDCRYPTO
mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
SAFE_FREE(crypto->ecdh_privkey);
#endif /* HAVE_LIBGCRYPT */
crypto->ecdh_privkey = NULL;
}
#endif