Alerts This Week
Warning Icon 1 1,213
Alerts This Week
Warning Icon 1 1,213

Oracle Linux 8 OpenSSH Important Priv Escalation Fix ELSA-2026-13383

oracle
Calendar Grey May 6, 2026
Oracle Linux Logo Esm H88
OpenSSH updates for Oracle Linux 8 address multiple important security issues that could lead to privilege escalation.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[8.0p1-29.0.1] - Update upstream references [Orabug: 36587718] [8.0p1-29] - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164743 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions Resolves: RHEL-166240 - CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard to ECDSA keys Resolves: RHEL-166224 - CVE-2026-35414: Fix mishandling of authorized_keys principals option Resolves: RHEL-166192 - CVE-2026-35386: Add validation rules to usernames and hostnames set for ProxyJump/-J on the commandline Resolves: RHEL-166208

Topics%20covered

Topics Covered

security advisory privilege escalation remote access important openssh Oracle Linux

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates/openssh-8.0p1-29.0.1.el8_10.src.rpm

x86_64

openssh-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-askpass-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-cavs-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-clients-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-keycat-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-ldap-8.0p1-29.0.1.el8_10.x86_64.rpm openssh-server-8.0p1-29.0.1.el8_10.x86_64.rpm pam_ssh_agent_auth-0.10.3-7.29.0.1.el8_10.x86_64.rpm

aarch64

openssh-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-askpass-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-cavs-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-clients-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-keycat-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-ldap-8.0p1-29.0.1.el8_10.aarch64.rpm openssh-server-8.0p1-29.0.1.el8_10.aarch64.rpm pam_ssh_agent_auth-0.10.3-7.29.0.1.el8_10.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-35385 CVE-2026-35386 CVE-2026-35387 CVE-2026-35388 CVE-2026-35414

Topics%20covered

Topics Covered

security advisory privilege escalation remote access important openssh Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here