Ubuntu 24.04 LTS USN-7270-1 moderate: OpenSSH denial of service

February 18, 2025
Canonical issues OpenSSH security advisories to tackle vulnerabilities, providing essential patches for impacted versions.

Summary

Several security issues were fixed in OpenSSH.

Software Description:

- openssh: secure shell (SSH) for secure access to remote machines

Details:

It was discovered that the OpenSSH client incorrectly handled the
non-default VerifyHostKeyDNS option. If that option were enabled, an
attacker could possibly impersonate a server by completely bypassing the
server identity check. (CVE-2025-26465)

It was discovered that OpenSSH incorrectly handled the transport-level ping
facility. A remote attacker could possibly use this issue to cause OpenSSH
clients and servers to consume resources, leading to a denial of service.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2025-26466)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   openssh-client                  1:9.7p1-7ubuntu4.2
   openssh-server                  1:9.7p1-7ubuntu4.2

Ubuntu 24.04 LTS
   openssh-client                  1:9.6p1-3ubuntu13.8
   openssh-server                  1:9.6p1-3ubuntu13.8

Ubuntu 22.04 LTS
   openssh-client                  1:8.9p1-3ubuntu0.11
   openssh-server                  1:8.9p1-3ubuntu0.11

Ubuntu 20.04 LTS
   openssh-client                  1:8.2p1-4ubuntu0.12
   openssh-server                  1:8.2p1-4ubuntu0.12

In general, a standard system update will make all the necessary changes.
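
As an added example (not part of the Ubuntu notice), the script below checks one host against the fixed versions listed above and reports whether the VerifyHostKeyDNS option from CVE-2025-26465 is effectively enabled for the client. The `--check` flag, the function names and the `example.org` placeholder host are assumptions of this example.

```shell
#!/bin/sh
# Added example: triage one Ubuntu host against USN-7270-1.
# Fixed versions are copied from the advisory's table above.

# Print the fixed openssh version for an Ubuntu release (VERSION_ID).
fixed_version_for() {
    case "$1" in
        24.10) echo '1:9.7p1-7ubuntu4.2' ;;
        24.04) echo '1:9.6p1-3ubuntu13.8' ;;
        22.04) echo '1:8.9p1-3ubuntu0.11' ;;
        20.04) echo '1:8.2p1-4ubuntu0.12' ;;
        *) return 1 ;;   # release not listed in the advisory
    esac
}

# Read `ssh -G <host>` output on stdin; succeed if VerifyHostKeyDNS is
# effectively enabled (anything other than no/false, e.g. yes or ask).
vhkdns_enabled() {
    awk 'tolower($1) == "verifyhostkeydns" { v = tolower($2) }
         END { exit !(v != "" && v != "no" && v != "false") }'
}

# Succeed if installed version $1 is at least fixed version $2.
is_patched() {
    dpkg --compare-versions "$1" ge "$2"
}

check_host() {
    . /etc/os-release
    fixed=$(fixed_version_for "$VERSION_ID") || {
        echo "release $VERSION_ID is not listed in USN-7270-1"; return 2; }
    rc=0
    for pkg in openssh-client openssh-server; do
        inst=$(dpkg-query -W -f='${Version}' "$pkg" 2>/dev/null) || continue
        [ -n "$inst" ] || continue   # package known to dpkg but not installed
        if is_patched "$inst" "$fixed"; then
            echo "OK      $pkg $inst"
        else
            echo "UPDATE  $pkg $inst (fixed in $fixed)"; rc=1
        fi
    done
    # example.org is a placeholder host; ssh -G prints the effective
    # client configuration for it and exits.
    if ssh -G example.org 2>/dev/null | vhkdns_enabled; then
        echo "NOTE    VerifyHostKeyDNS is enabled for this client"
    fi
    return $rc
}

# Run the check only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--check" ]; then check_host; fi
```

Run it as `sh script.sh --check`; an exit status of 1 means at least one installed package is older than the fixed version for the release.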

References

https://ubuntu.com/security/notices/USN-7270-1

CVE-2025-26465, CVE-2025-26466

Ubuntu Security Notice USN-7270-1

Package Information
