31 matches found
SUSE-SU-2026:22268-1 Security update for openssh
This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions bsc1261441. - openssh...
SUSE-SU-2026:22352-1 Security update for openssh
This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions bsc1261441. - openssh...
OPENSUSE-SU-2026:21044-1 Security update for openssh
This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions bsc1261441. - openssh...
SUSE SLES12 Security Update : openssh8.4 (SUSE-SU-2026:2430-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2430-1 advisory. This update for openssh8.4 fixes the following issues - CVE-2026-3497: Information disclosure or denial of service due to uninitialized variabl...
SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2395-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2395-1 advisory. This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables...
SUSE-SU-2026:2430-1 Security update for openssh8.4
This update for openssh8.4 fixes the following issues - CVE-2026-3497: Information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...
Security update for openssh
This update for openssh fixes the following issues CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. CVE-2026-35414: mishandling of authorizedkeys principals...
SUSE-SU-2026:2395-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys...
SUSE SLED15 / SLES15 Security Update : openssh (SUSE-SU-2026:2371-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2371-1 advisory. This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of servic...
SUSE SLES15 Security Update : openssh (SUSE-SU-2026:2375-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2375-1 advisory. This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialize...
Security update for openssh
This update for openssh fixes the following issues CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. CVE-2026-35388: omitted connection multiplexing...
SUSE-SU-2026:2375-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...
Security update for openssh
This update for openssh fixes the following issues CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. CVE-2026-35388: omitted connection multiplexing...
SUSE-SU-2026:2371-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...
SUSE-SU-2026:22067-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2026-35388: Added missing askpass check for proxy-mode multiplexing sessions bsc1261441 - CVE-2026-3497: Fixed a possible information disclosure or denial of service due to uninitialized variables in gssapi patches bsc1259642 - Add patch t...
SUSE-SU-2026:21875-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430. Changes for openssh: - Fix a potential issue when validating mac bsc1264568:...
DEBIAN-CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...
CVE-2024-35973
CVE-2024-35973 affects the Linux kernel's geneve code path. The issue arises from incomplete header validation in geneve_xmit_skb, where skb->protocol handling could leave pskb_inet_may_pull() with an uninitialized or unexpected value, potentially triggering an uninit-value during transmission...
CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...