2 matches found
CLSA-2026-1776701249 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sanitize input handling in sftpparselongname to prevent OOB read when processing malformed SFTP longname fields, add unit tests...
CLSA-2026-1776361748 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...