CVE-2025-4877 is a vulnerability identified in the libssh package, specifically affecting 32-bit builds. The issue occurs when the ssh_get_fingerprint_hash() function receives an input buffer larger than expected. This triggers an integer overflow in the bin_to_base64() function, which calculates memory allocation sizes. Due to the overflow, the allocated memory buffer is smaller than required, leading to an out-of-bounds write during base64 encoding. This heap corruption can potentially be exploited to alter program behavior, cause crashes, or execute arbitrary code, although exploitation complexity is high. The vulnerability requires local access with low privileges and does not need user interaction, limiting remote exploitation potential. The CVSS score of 4.5 reflects medium severity, considering the limited impact on confidentiality, integrity, and availability, and the high attack complexity. No known exploits have been reported in the wild, and no official patches are currently linked, though updates from libssh maintainers are expected. This vulnerability primarily affects systems running 32-bit versions of libssh, which are less common today but still present in embedded devices, legacy systems, and some specialized environments.

The vulnerability can lead to heap corruption through out-of-bounds writes, potentially causing application crashes or enabling attackers to manipulate program execution flow. While the impact on confidentiality, integrity, and availability is rated low to medium, successful exploitation could allow privilege escalation or code execution in local contexts. Organizations relying on 32-bit libssh builds, especially in embedded systems or legacy infrastructure, face increased risk. Disruption of SSH fingerprint hashing could affect authentication processes, potentially undermining secure communications. The requirement for local access and high attack complexity reduces the likelihood of widespread exploitation but does not eliminate risk in targeted attacks. The absence of known exploits in the wild currently limits immediate threat but underscores the need for proactive mitigation.

Organizations should monitor libssh project updates and apply patches promptly once available. In the interim, restrict access to systems running 32-bit libssh builds to trusted users only. Implement strict input validation and bounds checking on inputs passed to ssh_get_fingerprint_hash() to prevent oversized buffers. Consider recompiling libssh for 64-bit architectures where possible, as 64-bit builds are not affected. Employ runtime protections such as heap integrity checks and address space layout randomization (ASLR) to mitigate exploitation impact. Conduct code audits and penetration testing focusing on SSH-related components to detect potential exploitation attempts. For embedded or legacy devices where patching is challenging, isolate these systems within secure network segments and monitor for anomalous behavior.