From 5f4950367c027aa91fcea240df354a856a4a0025 Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Wed, 6 Aug 2025 15:17:59 +0200
Subject: [PATCH] CVE-2025-8114: Fix NULL pointer dereference after allocation failure

CVE: CVE-2025-8114
Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb]
Signed-off-by: Andreas Schneider
Reviewed-by: Jakub Jelen
(cherry picked from commit 53ac23ded4cb2c5463f6c4cd1525331bd578812d)
Signed-off-by: Anil Dongare
---
 src/kex.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/kex.c b/src/kex.c
index fbc70cf4..b4bab277 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -1391,6 +1391,8 @@ int ssh_make_sessionid(ssh_session session)
 ssh_log_hexdump("hash buffer", ssh_buffer_get(buf), ssh_buffer_get_len(buf));
 #endif
+ /* Set rc for the following switch statement in case we goto error. */
+ rc = SSH_ERROR;
 switch (session->next_crypto->kex_type) {
 case SSH_KEX_DH_GROUP1_SHA1:
 case SSH_KEX_DH_GROUP14_SHA1:
@@ -1450,6 +1452,7 @@ int ssh_make_sessionid(ssh_session session)
 session->next_crypto->secret_hash);
 break;
 }
+
 /* During the first kex, secret hash and session ID are equal. However, after
 * a key re-exchange, a new secret hash is calculated. This hash will not replace
 * but complement existing session id.
@@ -1458,6 +1461,7 @@ int ssh_make_sessionid(ssh_session session)
 session->next_crypto->session_id = malloc(session->next_crypto->digest_len);
 if (session->next_crypto->session_id == NULL) {
 ssh_set_error_oom(session);
+ rc = SSH_ERROR;
 goto error;
 }
 memcpy(session->next_crypto->session_id, session->next_crypto->secret_hash,
-- 
2.43.5
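Review bot: The blanket `rc = SSH_ERROR;` placed just before `switch (session->next_crypto->kex_type)` in the first hunk only guarantees a failure return for a `goto error` inside the switch as long as no case first stores a success value into `rc` and then jumps on a later failure; the switch body and the `error:` label both lie outside this hunk, so that cannot be confirmed from the patch alone. A less fragile shape is to initialise `rc = SSH_ERROR;` once at the top of `ssh_make_sessionid()` and assign `rc = SSH_OK;` only on the success path immediately before the cleanup label, so that any future `goto error` without an explicit assignment defaults to failure rather than to a stale success. The third hunk takes the other convention and sets `rc = SSH_ERROR;` explicitly before its own `goto error` in the `session_id` allocation failure branch; the two conventions should be reconciled in one place so a reader knows which rule every error path follows. Since a caller that receives `SSH_OK` presumably goes on to use `next_crypto->secret_hash` and `session_id`, a defensive `assert(rc != SSH_OK || session->next_crypto->secret_hash != NULL);` at the `error:` label would catch a regression of this class in debug builds. The enclosing function starts and ends outside all three hunks.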