Lucene search

10 matches found

CVE
added yesterday, 5 views

CVE-2026-53303

CVE-2026-53303 — In the Linux kernel's f2fs subsystem, f2fs_sbi_show() reads extension_list, extension_count, and hot_ext_count without holding sbi->sb_lock. A concurrent sysfs store in f2fs_update_extension_list() could cause inconsistent counts or contents, risking out-of-bounds access or di...

5.8 AI score
Exploits: 0 | References: 6

Tenable Nessus
added 2026/06/20 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that...

8.2 CVSS | 5.9 AI score | 0.00371 EPSS
Exploits: 0 | References: 3

OSV
added 2026/06/17 8:17 p.m., 22 views

DEBIAN-CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2 CVSS | 5.3 AI score | 0.00371 EPSS
Exploits: 0 | References: 1

NVD
added 2026/06/17 8:17 p.m., 16 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2 CVSS | 0.00371 EPSS
Exploits: 0 | References: 3

EUVD
added 2026/06/17 6:44 p.m., 10 views

EUVD-2026-37782

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2 CVSS | 5.3 AI score | 0.00371 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2026/06/17 6:44 p.m., 10 views

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2 CVSS | 5.3 AI score | 0.00371 EPSS
Exploits: 0 | References: 3

CVE
added 2026/06/17 6:44 p.m., 120 views

CVE-2026-55199

CVE-2026-55199 affects libssh2 up to version 1.11.1. The vulnerability lies in the SSH_MSG_EXT_INFO handler (src/packet.c), where return values from _libssh2_get_string() are unchecked. During key exchange, a malicious SSH server can set nr_extensions to 0xFFFFFFFF, causing the client to spin in ...

8.2 CVSS | 5.3 AI score | 0.00371 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2026/06/17 6:44 p.m., 8 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2 CVSS | 5.3 AI score | 0.00371 EPSS
Exploits: 0

Positive Technologies
added 2026/06/17 12:0 a.m., 16 views

PT-2026-50527

Name of the Vulnerable Software and Affected Versions: libssh2 versions prior to 1.11.1. Description: A pre-authentication denial of service issue exists in the SSH_MSG_EXT_INFO handler within src/packet.c. A malicious SSH server can trigger a CPU exhaustion loop on the client by sending a crafted...

8.2 CVSS | 5.9 AI score | 0.00371 EPSS
Exploits: 0 | References: 17

OSV
added 2026/03/19 2:8 p.m., 3 views

CLSA-2026-1773929316 Fix CVE(s): CVE-2026-3731

SECURITY UPDATE: remote out-of-bounds read in SFTP extension name handler - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read from sftp extensions; correct index comparison from '' to '=' and prevent access past extension count. - CVE-2026-3731...

7.5 CVSS | 6.1 AI score | 0.00631 EPSS
Exploits: 0 | References: 1