CLSA-2026-1777950533 openssh: Fix of CVE-2026-3497

CVE-2026-3497: fix information disclosure / DoS in GSSAPI key exchange by initialising gssbuf, recvtok, msgtok to GSSCEMPTYBUFFER and replacing non-terminating sshpktdisconnect with sshpacketdisconnect in kexgssc.c / kexgsss.c...

CLSA-2026-1777939266 libssh: Fix of CVE-2026-0966

CVE-2026-0966: fix heap buffer underflow in sshgethexa on NULL or zero-length input, remotely reachable via GSSAPI authentication logging...

Astra Linux - уязвимость в krb5

A vulnerability in the MIT Kerberos implementation allows for GSSAPI-protected messages that use RC4-HMAC-MD5 to be spoofed, due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption methods, an attacker could exploit MD5 collisions to forge message integrity code...

Astra Linux - уязвимость в libssh

The API function sshgethexa is vulnerable when a 0-length input is provided to this function. This function is internally used in sshgetfingerprinthash and sshprinthexa deprecated, and it is also vulnerable to such inputs the length of the input is provided by the calling application. This functi...

Astra Linux - уязвимость в heimdal, samba

A heap-based buffer overflow vulnerability was discovered in Samba, within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow for a length-limited write buffer overflow on memory allocated by malloc, when a...

CLSA-2026-1777455730 openssh: Fix of CVE-2026-3497

CVE-2026-3497: fix information disclosure or denial of service due to uninitialized variables in GSSAPI key exchange...

Fedora 44 : libgsasl (2026-5868a8d652)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5868a8d652 advisory. GSSAPI server: Boundary check gsswrap token read OOB Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

CVE-2026-40356

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the parsenegomessage function when the NegoEx mechanism is registered in the system's GSSAPI configuration. An attacker can cause the process to terminate by sending specially crafted requests remotely...

PT-2026-35656

Name of the Vulnerable Software and Affected Versions MIT Kerberos 5 versions prior to 1.22.3 Description A NULL pointer dereference occurs when an application calls the gss accept sec context function on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote...

ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc

...

[SECURITY] Fedora 44 Update: libgsasl-1.10.0-15.fc44

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms...

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

A flaw was found in the OpenSSH GSSAPI Generic Security Service Application Program Interface delta patches, as included in various Linux distributions. A remote attacker could exploit this by sending an unexpected GSSAPI message type during the key exchange process. This occurs because the...

Debian dsa-6204 : openssh-client - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6204 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6204-1 [email protected]...

Debian dla-4535 : openssh-client - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4535 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4535-1 [email protected] https://www.debian.org/lts/security/...

OESA-2026-1963 openssh security update

An open source implementation of SSH protocol version 2 Security Fixes: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. Th...

[SECURITY] [DLA 4535-1] openssh security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4535-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 16, 2026 https://wiki.debian.org/LTS -...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Allocation of Resources in Golang Go (CVE-2025-58181)

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Allocation of Resources in Golang Go, caused by an issue in SSH servers parsing GSSAPI authentication requests, which do not validate the number of mechanisms specified in the request CVE-2025-58181. Golang Go is used in ou...

AlmaLinux 10 : openssh (ALSA-2026:6463)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:6463 advisory. openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVE-2026-3497 Tenable has extracted the preceding description...