Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-0966

Опубликовано: 10 фев. 2026
Источник: redhat
CVSS3: 6.5

Описание

The API function ssh_get_hexa() is vulnerable, when 0-lenght input is provided to this function. This function is used internally in ssh_get_fingerprint_hash() and ssh_print_hexa() (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used internally in the gssapi code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely, when the server allows GSSAPI authentication and logging verbosity is set at least to SSH_LOG_PACKET (3). This could cause self-DoS of the per-connection daemon process.

Меры по смягчению последствий

To mitigate this issue, consider disabling GSSAPI authentication if it is not required, or reduce the LogLevel in the sshd_config file to a value lower than SSH_LOG_PACKET (e.g., INFO). To disable GSSAPI authentication, add or modify the following line in /etc/ssh/sshd_config: GSSAPIAuthentication no To reduce logging verbosity, add or modify the following line in /etc/ssh/sshd_config: LogLevel INFO After making changes to sshd_config, the sshd service must be restarted for the changes to take effect. This may temporarily interrupt active SSH sessions.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10libsshAffected
Red Hat Enterprise Linux 6libssh2Not affected
Red Hat Enterprise Linux 7libssh2Not affected
Red Hat Enterprise Linux 8libsshFix deferred
Red Hat Enterprise Linux 9libsshAffected
Red Hat OpenShift Container Platform 4rhcosFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-124
https://bugzilla.redhat.com/show_bug.cgi?id=2433121libssh: Buffer underflow in ssh_get_hexa() on invalid input

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-0966

ubuntu
около 2 месяцев назад

[Buffer underflow in ssh_get_hexa() on invalid input]

debian логотип

CVE-2026-0966

debian

[Buffer underflow in ssh_get_hexa() on invalid input]

github логотип

GHSA-wcqf-w94x-4wg2

CVSS3: 6.5
github
4 дня назад

The API function `ssh_get_hexa()` is vulnerable, when 0-lenght input is provided to this function. This function is used internally in `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used internally in the gssapi code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely, when the server allows GSSAPI authentication and logging verbosity is set at least to SSH_LOG_PACKET (3). This could cause self-DoS of the per-connection daemon process.

suse-cvrf логотип

SUSE-SU-2026:0779-1

suse-cvrf
27 дней назад

Security update for libssh

suse-cvrf логотип

SUSE-SU-2026:0778-1

suse-cvrf
27 дней назад

Security update for libssh

6.5 Medium

CVSS3