Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 308 articles for you...
172

Ubuntu OpenSSH Important File Handling Issues Vuln USN-8533-1

Several security issues were fixed in OpenSSH.. ========================================================================== Ubuntu Security Notice USN-8533-1 July 13, 2026 openssh vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in OpenSSH. Software Description: - openssh: secure shell (SSH) for secure access to remote machines Details: It was discovered that OpenSSH sftp did not properly constrain the location of downloaded files when connecting to an attacker-controlled server. An attacker could possibly use this issue to write files to unintended locations on the file system. (CVE-2026-59995) It was discovered that OpenSSH scp could place files in the parent directory of the intended destination when copying between two remote hosts. An attacker could possibly use this issue to write files to unintended locations. (CVE-2026-59996) It was discovered that OpenSSH internal-sftp only recognized the first nine command-line arguments, This could result in certain security-sensitive arguments being ignored, contrary to expectations. (CVE-2026-59997) It was discovered that OpenSSH had undocumented behaviour regarding the GSSAPIStrictAcceptorCheck option in environments using Windows Active Directory. The documentation has been updated to clarify use of the option. (CVE-2026-59998) It was discovered that OpenSSH did not properly enforce precedence of DisableForwarding=yes over PermitTunnel=yes in server configurations. This could possibly result in intended network forwarding restrictions being bypassed, contrary to expectations. (CVE-2026-59999) It was discovered that OpenSSH mishandled the MaxAuthTries limit for GSSAPI authentication. A remote attacker could use this issue to perform excessive authentication attempts. (CVE-2026-60000) It was discovered that OpenSSH did not always honour theminimum authentication delay. An attacker could possibly use this issue to perform brute-force attacks more efficiently. (CVE-2026-60001) It was discovered that the OpenSSH client had a use-after-free vulnerability when a server changed its host key during a key re-exchange. An attacker able to intercept communications could possibly use this issue to execute arbitrary code or obtain sensitive information. (CVE-2026-60002) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS openssh-client 1:10.2p1-2ubuntu3.4 openssh-server 1:10.2p1-2ubuntu3.4 Ubuntu 24.04 LTS openssh-client 1:9.6p1-3ubuntu13.18 openssh-server 1:9.6p1-3ubuntu13.18 Ubuntu 22.04 LTS openssh-client 1:8.9p1-3ubuntu0.16 openssh-server 1:8.9p1-3ubuntu0.16 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8533-1 CVE-2026-59995, CVE-2026-59996, CVE-2026-59997, CVE-2026-59998, CVE-2026-59999, CVE-2026-60000, CVE-2026-60001, CVE-2026-60002 Package Information: https://launchpad.net/ubuntu/+source/openssh/1:10.2p1-2ubuntu3.4 https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu13.18 https://launchpad.net/ubuntu/+source/openssh/1:8.9p1-3ubuntu0.16 . Multiple security issues in OpenSSH patched for Ubuntu to enhance protection against potential attacks.. OpenSSH Security, Ubuntu SSH Issues, SSH Client Server Fix, File Transfer Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important Ubuntu
89

Fedora 43 OpenSSH Important Fixes for Client-Side DoS CVE-2026-55653

CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-95b955a09b 2026-07-11 00:52:57.708578+00:00 -------------------------------------------------------------------------------- Name : openssh Product : Fedora 43 Version : 10.0p1 Release : 10.fc43 URL : http://www.openssh.com/portable.html Summary : An open source implementation of SSH protocol version 2 Description : SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. -------------------------------------------------------------------------------- Update Information: CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Zoltan Fridrich - 10.0p1-10 -CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service - CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator - CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding -------------------------------------------------------------------------------- References: [ 1 ] Bug #2442505 - 0043-openssh-8.7p1-ssh-manpage.patch introduces duplicates in documentation https://bugzilla.redhat.com/show_bug.cgi?id=2442505 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-95b955a09b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Enhance your system's security with this important Fedora Advisory on OpenSSH addressing multiple potential issues.. OpenSSH Fixes, Fedora Security, Client-Side Denial of Service, X11 Forwarding Issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Important Fedora
89

Fedora OpenSSH Serious Denial of Service and Heap Vulnerabilities Issues

Improve GSS KEX algorithms documentation CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a80275b42d 2026-07-09 00:54:37.609381+00:00 -------------------------------------------------------------------------------- Name : openssh Product : Fedora 44 Version : 10.2p1 Release : 12.fc44 URL : http://www.openssh.com/portable.html Summary : An open source implementation of SSH protocol version 2 Description : SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. -------------------------------------------------------------------------------- Update Information: Improve GSS KEX algorithms documentation CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Dmitry Belyavskiy -10.2p1-12 - Improve GSS KEX algorithms documentation Patches are submitted by This email address is being protected from spambots. You need JavaScript enabled to view it. Resolves: rhbz#2241564 * Tue Jul 7 2026 Zoltan Fridrich - 10.2p1-11 - CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service - CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator - CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding - Remove duplicate manpage entries from ssh(1) Resolves: rhbz#2442505 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2241564 - KexAlgorithms accepts gss-* algorithms in certain cases, but it is completely unclear what this does https://bugzilla.redhat.com/show_bug.cgi?id=2241564 [ 2 ] Bug #2442505 - 0043-openssh-8.7p1-ssh-manpage.patch introduces duplicates in documentation https://bugzilla.redhat.com/show_bug.cgi?id=2442505 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a80275b42d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines ListArchives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical advisories for Fedora OpenSSH address denial of service and heap overflow issues for 2026 updates.. Fedora OpenSSH Critical Updates, Denial of Service Fixes, Security Advisory 2026. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Critical Fedora
99

Slackware 15.0 openssh Important Security Issues Fix Advisory 2026-187-02

New openssh packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssh (SSA:2026-187-02) New openssh packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/openssh-10.4p1-i586-1_slack15.0.txz: Upgraded. This release contains a number of security fixes: sftp(1): when downloading files on the command-line using "sftp host:/path .", a malicious server could cause the file to be downloaded to an unexpected location. This issue was identified by the Swival Security Scanner. scp(1): when copying files between two remote destinations, do not allow a malicious server to write files to the parent directory of the intended target directory. This issue was identified by the Swival Security Scanner. sshd(8): when using the "internal-sftp" SFTP server implementation (this is not the default), long command lines were previously truncated silently after the 9th argument. If a security-relevant option was in the 10th or later position, it would be discarded. Reported by Steve Caffrey. sshd(8): add a documentation note to mention that the GSSAPIStrictAcceptorCheck option is ineffective when the server is joined to a Windows Active Directory. Reported by Yarin Aharoni of Safebreach. sshd(8): DisableForwarding=yes didn't override PermitTunnel=yes as it was documented to do. Note that PermitTunnel is not enabled by default. Reported independently by Huzaifa Sidhpurwala of Redhat and Marko Jevtic. sshd(8): avoid a potential pre-authentication denial of service when GSSAPIAuthentication was enabled (this feature is off by default). This was not mitigated by MaxAuthTries, but would be penalised by PerSourcePenalties. This was reported by Manfred Kaiser of the milCERT AT (Austrian Ministry of Defence). sshd(8): fix a number of cases where the minimumauthentication delay was not being enforced. Reported by the Orange Cyberdefense Vulnerability Team. ssh(1): fix a possible client-side use-after-free if the server changes its host key during a key reexchange. This was reported by Zhenpeng (Leo) Lin of Depthfirst. For more information, see: https://www.openssh.org/releasenotes.html#10.4 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/openssh-10.4p1-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/openssh-10.4p1-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-10.4p1-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssh-10.4p1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: eb8d3bbfb4cf2885d0ec7870a35e8a3f openssh-10.4p1-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 82ca7dcca95f4b0d7c6e2a56008d2ab3 openssh-10.4p1-x86_64-1_slack15.0.txz Slackware -current package: bdb19fd0e66d17df0b5ce744eff0c9c6 n/openssh-10.4p1-i686-1.txz Slackware x86_64 -current package: 74bc62b8dbefd17861c72de5568f6dc7 n/openssh-10.4p1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg openssh-10.4p1-i586-1_slack15.0.txz Next, restart the sshd daemon: # sh /etc/rc.d/rc.sshd restart +-----+ . New openssh packages for Slackware 15.0 address critical security issues including potential denial of service.. opensshsecurity update, slackware openssh patch, ssh security fixes, openssh vulnerabilities, slackware 15.0 security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Important Slackware
172

Ubuntu 16.04 OpenSSH Critical File Overwrite Risk USN-8514-1 CVE-2026-35385

OpenSSH could be made to overwrite files as the administrator.. ========================================================================== Ubuntu Security Notice USN-8514-1 July 06, 2026 openssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: OpenSSH could be made to overwrite files as the administrator. Software Description: - openssh: secure shell (SSH) for secure access to remote machines Details: It was discovered that OpenSSH incorrectly handled file permissions when downloading files as root using the legacy scp protocol without the preserve-mode option. An attacker could use this to install setuid or setgid files on a system, possibly leading to privilege escalation. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS openssh-client 1:7.2p2-4ubuntu2.10+esm8 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8514-1 CVE-2026-35385 . OpenSSH flaw could allow file overwriting by the admin in Ubuntu systems. Must update to avoid privilege escalation risks.. Ubuntu OpenSSH Update, OpenSSH Security Notice, Privilege Escalation Ubuntu. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Critical Ubuntu
100

SUSE OpenSSH Moderate Info Disclosure DoS Vulnerability 2026-22352-1

An update that solves two vulnerabilities and has one fix can now be installed.. # Security update for openssh Announcement ID: SUSE-SU-2026:22352-1 Release Date: 2026-06-24T15:22:37Z Rating: moderate References: * bsc#1259642 * bsc#1261441 * bsc#1264568 Cross-References: * CVE-2026-3497 * CVE-2026-35388 CVSS scores: * CVE-2026-3497 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3497 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-3497 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3497 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-3497 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35388 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35388 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for openssh fixes the following issues Security fixes: * CVE-2026-3497: information disclosure or denial of service due to uninitialized variables (bsc#1259642). * CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions (bsc#1261441). * openssh potential security issue when validating mac or ciphers (bsc#1264568). Other fixes: * Improve %prep LDAP regex to preserve subdirectories (e.g., openbsd-compat/) and handle optional [ab]/ prefixes. ## Patch Instructions: To install this SUSE update use the SUSErecommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1057=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1057=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * openssh-10.0p2-160000.6.1 * openssh-common-10.0p2-160000.6.1 * openssh-debuginfo-10.0p2-160000.6.1 * openssh-askpass-gnome-debuginfo-10.0p2-160000.6.1 * openssh-cavs-debuginfo-10.0p2-160000.6.1 * openssh-server-10.0p2-160000.6.1 * openssh-clients-10.0p2-160000.6.1 * openssh-debugsource-10.0p2-160000.6.1 * openssh-cavs-10.0p2-160000.6.1 * openssh-askpass-gnome-debugsource-10.0p2-160000.6.1 * openssh-server-debuginfo-10.0p2-160000.6.1 * openssh-clients-debuginfo-10.0p2-160000.6.1 * openssh-server-config-rootlogin-10.0p2-160000.6.1 * openssh-common-debuginfo-10.0p2-160000.6.1 * openssh-askpass-gnome-10.0p2-160000.6.1 * openssh-helpers-10.0p2-160000.6.1 * openssh-helpers-debuginfo-10.0p2-160000.6.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * openssh-10.0p2-160000.6.1 * openssh-common-10.0p2-160000.6.1 * openssh-cavs-debuginfo-10.0p2-160000.6.1 * openssh-debuginfo-10.0p2-160000.6.1 * openssh-askpass-gnome-debuginfo-10.0p2-160000.6.1 * openssh-server-10.0p2-160000.6.1 * openssh-clients-10.0p2-160000.6.1 * openssh-debugsource-10.0p2-160000.6.1 * openssh-cavs-10.0p2-160000.6.1 * openssh-askpass-gnome-debugsource-10.0p2-160000.6.1 * openssh-server-debuginfo-10.0p2-160000.6.1 * openssh-clients-debuginfo-10.0p2-160000.6.1 * openssh-server-config-rootlogin-10.0p2-160000.6.1 * openssh-common-debuginfo-10.0p2-160000.6.1 * openssh-askpass-gnome-10.0p2-160000.6.1 * openssh-helpers-10.0p2-160000.6.1 *openssh-helpers-debuginfo-10.0p2-160000.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3497.html * https://www.suse.com/security/cve/CVE-2026-35388.html * https://bugzilla.suse.com/show_bug.cgi?id=1259642 * https://bugzilla.suse.com/show_bug.cgi?id=1261441 * https://bugzilla.suse.com/show_bug.cgi?id=1264568 . SUSE security update for OpenSSH resolves two vulnerabilities enhancing overall security performance. Action recommended.. SUSE OpenSSH security update, moderate severity fix, information disclosure issue, denial of service threat. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 moderate SuSE
202

openSUSE OpenSSH Moderate Information Disclosure DoS Fix 2026-21044-1

An update that solves 2 vulnerabilities and has 3 bug fixes can now be installed.. openSUSE security update: security update for openssh ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21044-1 Rating: moderate References: * bsc#1259642 * bsc#1261441 * bsc#1264568 Cross-References: * CVE-2026-3497 * CVE-2026-35388 CVSS scores: * CVE-2026-3497 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-3497 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-35388 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 3 bug fixes can now be installed. Description: This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables (bsc#1259642). - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions (bsc#1261441). - openssh potential security issue when validating mac or ciphers (bsc#1264568). Other fixes: - Improve %prep LDAP regex to preserve subdirectories (e.g., openbsd-compat/) and handle optional [ab]/ prefixes. Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1057=1 Package List: - openSUSE Leap 16.0: openssh-10.0p2-160000.6.1 openssh-askpass-gnome-10.0p2-160000.6.1 openssh-cavs-10.0p2-160000.6.1 openssh-clients-10.0p2-160000.6.1 openssh-common-10.0p2-160000.6.1 openssh-helpers-10.0p2-160000.6.1 openssh-server-10.0p2-160000.6.1 openssh-server-config-rootlogin-10.0p2-160000.6.1 References: * https://www.suse.com/security/cve/CVE-2026-3497.html * https://www.suse.com/security/cve/CVE-2026-35388.html . Update for openSUSE fixes moderate severity issues with openssh, resolving information disclosure and denial of service risks.. openSUSE security, openssh update, moderate severity, information disclosure, denial of service. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 moderate OpenSUSE
100

SUSE Linux Micro 6.2 openssh Moderate Security Issues 2026-22268-1

An update that solves two vulnerabilities and has one fix can now be installed.. # Security update for openssh Announcement ID: SUSE-SU-2026:22268-1 Release Date: 2026-06-24T15:23:44Z Rating: moderate References: * bsc#1259642 * bsc#1261441 * bsc#1264568 Cross-References: * CVE-2026-3497 * CVE-2026-35388 CVSS scores: * CVE-2026-3497 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3497 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-3497 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3497 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35388 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35388 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for openssh fixes the following issues Security fixes: * CVE-2026-3497: information disclosure or denial of service due to uninitialized variables (bsc#1259642). * CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions (bsc#1261441). * openssh potential security issue when validating mac or ciphers (bsc#1264568). Other fixes: * Improve %prep LDAP regex to preserve subdirectories (e.g., openbsd-compat/) and handle optional [ab]/ prefixes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: *SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-1057=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * openssh-common-10.0p2-160000.6.1 * openssh-clients-10.0p2-160000.6.1 * openssh-10.0p2-160000.6.1 * openssh-server-config-rootlogin-10.0p2-160000.6.1 * openssh-common-debuginfo-10.0p2-160000.6.1 * openssh-server-10.0p2-160000.6.1 * openssh-debugsource-10.0p2-160000.6.1 * openssh-clients-debuginfo-10.0p2-160000.6.1 * openssh-debuginfo-10.0p2-160000.6.1 * openssh-server-debuginfo-10.0p2-160000.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3497.html * https://www.suse.com/security/cve/CVE-2026-35388.html * https://bugzilla.suse.com/show_bug.cgi?id=1259642 * https://bugzilla.suse.com/show_bug.cgi?id=1261441 * https://bugzilla.suse.com/show_bug.cgi?id=1264568 . Monitor the SUSE Linux Micro 6.2 openssh update for moderate severity security fixes addressing information disclosures.. SUSE Linux openssh update security issues fixes. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 moderate SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200