CVE-2026-0966

8.2 HIGH

A flaw was found in libssh

Published: 2026-03-26 · Last updated: 2026-05-19

Severity and scoring

CVSS: 8.2 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CWE: CWE-124

Affected products

Vendor: Product
libssh: enterprise_linux, hardened_images, libssh
redhat: enterprise_linux, hardened_images, libssh

Description

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_PACKET (3)` or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process.

Source: NVD

Related CVEs

Same vendor

  • CVE-2026-50259 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50258 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50257 A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence() (7.8 HIGH)
  • CVE-2026-50256 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-1784 The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)

Same CWE

  • CVE-2026-44631 Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration (9.8 CRITICAL)
  • CVE-2024-36343 Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out o...
  • CVE-2026-34253 A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread i... (8.2 HIGH)