csaf_suse - suse-su-2025:20226-1

suse-su-2025:20226-1

Vulnerability from csaf_suse

Published

2025-02-26 13:44

Modified

2025-02-26 13:44

Summary

Security update for openssh

Notes

Title of the patch

Security update for openssh

Description of the patch

This update for openssh fixes the following issues: Security issues fixed: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040) - CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server (bsc#1237041) Other issues fixed: - Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2 due to gssapi proposal not being correctly initialized (bsc#1236826). - Add a patch to fix a regression introduced in 9.6 that makes X11 forwarding very slow. (bsc#1229449) - Fixed RFC4256 implementation so that keyboard-interactive authentication method can send instructions and sshd shows them to users even before a prompt is requested. This fixes MFA push notifications (bsc#1229010). - Fix a dbus connection leaked in the logind patch that was missing a sd_bus_unref call - Add a patch that fixes a small memory leak when parsing the subsystem configuration option: - Remove empty line at the end of sshd-sle.pamd (bsc#1227456)

Patchnames

SUSE-SLE-Micro-6.1-21

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for openssh",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for openssh fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2025-26465: Fixed a MitM attack against OpenSSH\u0027s VerifyHostKeyDNS-enabled client (bsc#1237040)\n- CVE-2025-26466: Fixed a DoS attack against OpenSSH\u0027s client and server (bsc#1237041)\n\nOther issues fixed:\n\n- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2\n  due to gssapi proposal not being correctly initialized\n  (bsc#1236826).\n- Add a patch to fix a regression introduced in 9.6 that makes X11\n  forwarding very slow. (bsc#1229449)\n- Fixed RFC4256 implementation so that keyboard-interactive authentication method can send\n  instructions and sshd shows them to users even before a prompt\n  is requested. This fixes MFA push notifications (bsc#1229010).\n- Fix a dbus connection leaked in the logind patch that was\n  missing a sd_bus_unref call\n- Add a patch that fixes a small memory leak when parsing the\n  subsystem configuration option:\n- Remove empty line at the end of sshd-sle.pamd (bsc#1227456)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-21",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20226-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20226-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520226-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20226-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021099.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227456",
        "url": "https://bugzilla.suse.com/1227456"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229010",
        "url": "https://bugzilla.suse.com/1229010"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229072",
        "url": "https://bugzilla.suse.com/1229072"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229449",
        "url": "https://bugzilla.suse.com/1229449"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236826",
        "url": "https://bugzilla.suse.com/1236826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237040",
        "url": "https://bugzilla.suse.com/1237040"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237041",
        "url": "https://bugzilla.suse.com/1237041"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-26465 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-26465/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-26466 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-26466/"
      }
    ],
    "title": "Security update for openssh",
    "tracking": {
      "current_release_date": "2025-02-26T13:44:24Z",
      "generator": {
        "date": "2025-02-26T13:44:24Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20226-1",
      "initial_release_date": "2025-02-26T13:44:24Z",
      "revision_history": [
        {
          "date": "2025-02-26T13:44:24Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-9.6p1-slfo.1.1_2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-clients-9.6p1-slfo.1.1_2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-common-9.6p1-slfo.1.1_2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-fips-9.6p1-slfo.1.1_2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-server-9.6p1-slfo.1.1_2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-common-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-server-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-9.6p1-slfo.1.1_2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-clients-9.6p1-slfo.1.1_2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-common-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-common-9.6p1-slfo.1.1_2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-fips-9.6p1-slfo.1.1_2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-server-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-server-9.6p1-slfo.1.1_2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssh-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-9.6p1-slfo.1.1_2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-clients-9.6p1-slfo.1.1_2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-common-9.6p1-slfo.1.1_2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-fips-9.6p1-slfo.1.1_2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-server-9.6p1-slfo.1.1_2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64",
                "product": {
                  "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64",
                  "product_id": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-clients-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-common-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-common-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-fips-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-server-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
        },
        "product_reference": "openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-26465",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-26465"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-26465",
          "url": "https://www.suse.com/security/cve/CVE-2025-26465"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237040 for CVE-2025-26465",
          "url": "https://bugzilla.suse.com/1237040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237041 for CVE-2025-26465",
          "url": "https://bugzilla.suse.com/1237041"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-26T13:44:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-26465"
    },
    {
      "cve": "CVE-2025-26466",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-26466"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
          "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-26466",
          "url": "https://www.suse.com/security/cve/CVE-2025-26466"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237041 for CVE-2025-26466",
          "url": "https://bugzilla.suse.com/1237041"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-clients-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-common-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-fips-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-9.6p1-slfo.1.1_2.1.x86_64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.aarch64",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.ppc64le",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.s390x",
            "SUSE Linux Micro 6.1:openssh-server-config-rootlogin-9.6p1-slfo.1.1_2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-26T13:44:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-26466"
    }
  ]
}

CVE-2025-26466 (GCVE-0-2025-26466)

Vulnerability from cvelistv5

Published

2025-02-28 21:25

Modified

2025-11-03 21:12

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Summary

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

References

URL

CVE-2025-26465 (GCVE-0-2025-26465)

Vulnerability from cvelistv5

Published

2025-02-18 18:27

Modified

2025-11-03 21:12

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE

CWE-390 - Detection of Error Condition Without Action

Summary

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:16823	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:3837	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:6993	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8385	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-26465	vdb-entry, x_refsource_REDHAT
	https://access.redhat.com/solutions/7109879
	https://bugzilla.redhat.com/show_bug.cgi?id=2344780	issue-tracking, x_refsource_REDHAT
	https://seclists.org/oss-sec/2025/q1/144

Impacted products

Vendor

Product

Version

Version: 6.8p1 <

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:8.0p1-26.el8_10 < * cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:8.0p1-26.el8_10 < * cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-45.el9 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-45.el9 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:8.7p1-38.el9_4.5 < * cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos
Red Hat	Red Hat Discovery 1.14	Unaffected: sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c < * cpe:/a:redhat:discovery:1.14::el9
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:12:55.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/1"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/4"
          },
          {
            "url": "https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/"
          },
          {
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1237040"
          },
          {
            "url": "https://security-tracker.debian.org/tracker/CVE-2025-26465"
          },
          {
            "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig"
          },
          {
            "url": "https://ubuntu.com/security/CVE-2025-26465"
          },
          {
            "url": "https://www.openssh.com/releasenotes.html#9.9p2"
          },
          {
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466"
          },
          {
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250228-0003/"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/May/8"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/May/7"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Feb/18"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26465",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T15:02:09.369445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:02:45.555Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://seclists.org/oss-sec/2025/q1/144"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.9p1",
              "status": "affected",
              "version": "6.8p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.0p1-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.0p1-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-45.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-45.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-390",
              "description": "Detection of Error Condition Without Action",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-23T02:39:04.937Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:16823",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:16823"
        },
        {
          "name": "RHSA-2025:3837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3837"
        },
        {
          "name": "RHSA-2025:6993",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6993"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26465"
        },
        {
          "url": "https://access.redhat.com/solutions/7109879"
        },
        {
          "name": "RHBZ#2344780",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344780"
        },
        {
          "url": "https://seclists.org/oss-sec/2025/q1/144"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-10T21:56:03.853000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-390: Detection of Error Condition Without Action"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26465",
    "datePublished": "2025-02-18T18:27:16.843Z",
    "dateReserved": "2025-02-10T18:31:47.978Z",
    "dateUpdated": "2025-11-03T21:12:55.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2025:20226-1

Vulnerability from csaf_suse

CVE-2025-26466 (GCVE-0-2025-26466)

Vulnerability from cvelistv5

CVE-2025-26465 (GCVE-0-2025-26465)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature