CVE-2026-0968

Опубликовано: 10 фев. 2026

Источник: redhat

CVSS3: 3.1

Описание

A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an SSH_FXP_NAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	libssh	Affected
Red Hat Enterprise Linux 6	libssh2	Not affected
Red Hat Enterprise Linux 7	libssh2	Not affected
Red Hat Enterprise Linux 8	libssh	Fix deferred
Red Hat Enterprise Linux 9	libssh	Affected
Red Hat OpenShift Container Platform 4	rhcos	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2436982libssh: libssh: Denial of Service due to malformed SFTP message

3.1 Low

CVSS3

Связанные уязвимости

CVE-2026-0968

ubuntu

около 2 месяцев назад

[Denial of Service due to malformed SFTP message]

CVE-2026-0968

debian

[Denial of Service due to malformed SFTP message]

GHSA-6w3m-r3qq-cr2h

CVSS3: 3.1

github

4 дня назад

A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.

SUSE-SU-2026:0779-1

suse-cvrf

27 дней назад

Security update for libssh

SUSE-SU-2026:0778-1

suse-cvrf

27 дней назад

Security update for libssh

3.1 Low

CVSS3