Количество 8
Количество 8
BDU:2025-01893
Уязвимость сервера средства криптографической защиты OpenSSH, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
CVE-2025-26466
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH ...
GHSA-m92w-x6j2-5gc5
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
SUSE-SU-2025:0585-1
Security update for openssh
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-01893 Уязвимость сервера средства криптографической защиты OpenSSH, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
 | CVE-2025-26466 A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
 | CVE-2025-26466 A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
 | CVE-2025-26466 A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
 | CVSS3: 5.9 | 45% Средний | 9 месяцев назад | |
| CVE-2025-26466 A flaw was found in the OpenSSH package. For each ping packet the SSH ... | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
| GHSA-m92w-x6j2-5gc5 A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | CVSS3: 5.9 | 45% Средний | 9 месяцев назад |
 | SUSE-SU-2025:0585-1 Security update for openssh | 9 месяцев назад |
Уязвимостей на страницу