CVE-2026-55653

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...

EUVD-2026-38412

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...

CVE-2026-55653 Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...

CVE-2026-55653

CVE-2026-55653 affects OpenSSH and describes a double-free in the DH-GEX client path during FIPS known-group validation, allowing a malicious SSH server to terminate the client process and cause a Denial of Service. The issue is tied to processing attacker-controlled DH-GEX group parameters and i...

CVE-2026-55653

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...

Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities

Question Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

SUSE CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX X9.42 peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This...

openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX X9.42 peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This...

CVE-2026-42770

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX X9.42 peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This...

Linux Distros Unpatched Vulnerability : CVE-2026-42770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: ...

EUVD-2026-35487

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

ALPINE-CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42770

CVE-2026-42770 affects OpenSSL FIPS modules (4.0, 3.6, 3.5, 3.4, 3.0) and related deployments using EVP_PKEY_derive_set_peer() with DHX/X9.42 keys. The vulnerability arises when the subgroup check Y^q ≡ 1 (mod p) uses the peer’s q instead of the local key’s q, allowing a malicious X9.42 peer to c...

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

PT-2026-47840

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS modules versions 3.0, 3.4, 3.5, 3.6, and 4.0 Description When the EVP PKEY derive set peer function is called with a DHX X9.42 peer key, the software fails to properly verify subgroup membership. Specifically, the check Y^q ≡ 1 mo...