Security Bulletin: Vulnerabilities in multiple components affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in libssh, iputils, glib2, libtasn1 and gnutls components affect IBM Storage Virtualize products and could cause denial of service and confidentiality impacts. CVE-2025-47268 CVE-2025-4373 CVE-2024-12133 CVE-2025-48964 CVE-2024-12243. Vulnerability Details...

RHSA-2025:21977 Red Hat Security Advisory: libssh security update

Bulletin has no description...

RLSA-2025:21977 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 For more details about the security issues, including the impact, a CVSS score,...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

libssh security update

0.10.4-15 - Bump spec to make the 9.7 NVR higher than the 9.6 one 0.10.4-14 - Fix CVE-2025-5318 Resolves: RHEL-111732...

AlmaLinux 10 : libssh (ALSA-2025:21013)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21013 advisory. libssh: out-of-bounds read in sftphandle CVE-2025-5318 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

Oracle Linux 8 : libssh (ELSA-2025-21977)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21977 advisory. 0.9.6-16 - Fix CVE-2025-5372 Resolves: RHEL-121232 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

RockyLinux 8 : libssh (RLSA-2025:21977)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21977 advisory. libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 Tenable has extracted the preceding description block directly from the RockyLinux...

libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 For more details about the security issues, including the impact, a CVSS score,...

libssh security update

0.9.6-16 - Fix CVE-2025-5372 Resolves: RHEL-121232...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libssh (UTSA-2025-990958)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990958 advisory. A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be triggered i...

RHEL 8 : libssh (RHSA-2025:21977)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21977 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libssh (UTSA-2025-990957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990957 advisory. A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during the...

ALSA-2025:21977 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 For more details about the security issues, including the impact, a CVSS score,...

EulerOS 2.0 SP13 : libssh (EulerOS-SA-2025-2437)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2437)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2448)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.59 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.59 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...