Alerts This Week
Warning Icon 1 1,213
Alerts This Week
Warning Icon 1 1,213

openSUSE Amazon-SSM-Agent Important Denial of Service Fix 2026-21079-1

opensuse
Calendar Grey June 30, 2026
Dist Opensuse Esm H88
An important update for openSUSE addresses 21 vulnerabilities in amazon-ssm-agent, including bug fixes and security measures.
An update that solves 21 vulnerabilities and has 9 bug fixes can now be installed.

Description

This update for amazon-ssm-agent fixes the following issues

Update to version 3.3.4624.0:

- CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

(bsc#1239342).

- CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs (bsc#1238702).

- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in

response to a key listing or signing request (bsc#1253611).

- CVE-2026-1229: the CombinedMult function in the ecc/p384 package produces an incorrect value for specific inputs

(bsc#1265474).

- CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files

can lead to the consumption of corrupted files (bsc#1258095).

- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation

bypass and privilege esca (bsc#1266781).

- CVE-2026-41506:...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory DoS vulnerability important OpenSUSE amazon-ssm-agent

Patch

Package List

- openSUSE Leap 16.0:

amazon-ssm-agent-3.3.4624.0-160000.1.1

References

* bsc#1238702

* bsc#1239342

* bsc#1253611

* bsc#1258095

* bsc#1264952

* bsc#1265474

* bsc#1266200

* bsc#1266781

* bsc#1267332

References:

* https://www.suse.com/security/cve/CVE-2025-22869.html

* https://www.suse.com/security/cve/CVE-2025-22870.html

* https://www.suse.com/security/cve/CVE-2025-47913.html

* https://www.suse.com/security/cve/CVE-2026-1229.html

* https://www.suse.com/security/cve/CVE-2026-25934.html

* https://www.suse.com/security/cve/CVE-2026-39821.html

* https://www.suse.com/security/cve/CVE-2026-39827.html

* https://www.suse.com/security/cve/CVE-2026-39828.html

* https://www.suse.com/security/cve/CVE-2026-39829.html

* https://www.suse.com/security/cve/CVE-2026-39830.html

* https://www.suse.com/security/cve/CVE-2026-39831.html

* https://www.suse.com/security/cve/CVE-2026-39832.html

* https://www.suse.com/security/cve/CVE-2026-39833.html

* https://www.suse.com/security/cve/CVE-2026-39834.html

* https://www.suse.com/security/cve/CVE-2026-39835.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21079-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory DoS vulnerability important OpenSUSE amazon-ssm-agent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here