CVE-2025-47203

NameCVE-2025-47203
Descriptiondbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-4169-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dropbear (PTS)bullseye2020.81-3+deb11u2vulnerable
bullseye (security)2020.81-3+deb11u3fixed
bookworm2022.83-1+deb12u3fixed
forky, sid, trixie2025.88-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dropbearsourcebullseye2020.81-3+deb11u3DLA-4169-1
dropbearsourcebookworm2022.83-1+deb12u3
dropbearsource(unstable)2025.88-1

Notes

Fixed by: https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b (DROPBEAR_2025.88)

Search for package or bug name: Reporting problems