CVE-2026-0967

Опубликовано: 10 фев. 2026

Источник: redhat

CVSS3: 2.2

EPSS Низкий

Описание

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the match_pattern() function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.

Меры по смягчению последствий

Avoid using complex patterns in configuration files and known_hosts.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	libssh	Affected
Red Hat Enterprise Linux 6	libssh2	Not affected
Red Hat Enterprise Linux 7	libssh2	Not affected
Red Hat Enterprise Linux 8	libssh	Fix deferred
Red Hat Enterprise Linux 9	libssh	Affected
Red Hat OpenShift Container Platform 4	rhcos	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-1333

https://bugzilla.redhat.com/show_bug.cgi?id=2436981libssh: libssh: Denial of Service via inefficient regular expression processing

EPSS

Процентиль: 20%

0.00066

Низкий

2.2 Low

CVSS3

Связанные уязвимости

CVE-2026-0967

ubuntu

около 2 месяцев назад

[Denial of Service via inefficient regular expression processing]

CVE-2026-0967

debian

[Denial of Service via inefficient regular expression processing]

GHSA-6jpg-fr24-wpvf

CVSS3: 2.2

github

4 дня назад

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.

SUSE-SU-2026:0779-1

suse-cvrf

27 дней назад

Security update for libssh

SUSE-SU-2026:0778-1

suse-cvrf

27 дней назад

Security update for libssh

EPSS

Процентиль: 20%

0.00066

Низкий

2.2 Low

CVSS3