Astra Linux - уязвимость в libssh2

In libssh2 before version 1.9.0, the kexmethoddiffiehellmangroupexchangesha256keyexchange function in kex.c contains an integer overflow that could lead to an out-of-bounds read when packets are read from the server. A remote attacker who compromises an SSH server may be able to disclose sensitiv...

EUVD-2025-209397

A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation an attacker can perform a machine-in-the-middle attack on the SSH...

CVE-2025-13914

A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation an attacker can perform a machine-in-the-middle attack on the SSH...

PT-2026-31796

Name of the Vulnerable Software and Affected Versions Juniper Networks Apstra versions prior to 6.1.1 Description A Key Exchange without Entity Authentication issue exists in the SSH implementation of Juniper Networks Apstra. This allows an unauthenticated, man-in-the-middle MITM attacker to...

MiracleLinux 9 : podman-5.2.2-15.el9_5 (AXSA:2025-9819:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9819:02 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description bloc...

MiracleLinux 9 : gvisor-tap-vsock-0.8.5-1.el9_5 (AXSA:2025-9855:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9855:01 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description bloc...

MiracleLinux 9 : gvisor-tap-vsock-0.8.5-1.el9_6 (AXSA:2025-10485:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10485:03 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description blo...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2025-9813:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9813:01 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description bloc...

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Erlang/OTP 安全漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP that stems from SSH not strictly enforcing the KEX handshake, which could lead t...

Configure Proper SSH Key Exchange Algorithms

Key exchange is a process in which two parties exchange keys to allow the use of an encryption algorithm. A secure key exchange algorithm enables them to securely exchange keys, thereby using encryption algorithms to encrypt messages to be sent and decrypt received messages. Set the SSH key...

Security update for podman

This update for podman fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239330. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

Important: docker

Issue Overview: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. CVE-2025-22868 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or no...

Security update for docker, docker-stable

This update for docker, docker-stable fixes the following issues: CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. Other fixes: - Make...

RHEL 8 : container-tools:rhel8 (RHSA-2025:3266)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3266 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...

RHEL 8 : container-tools:rhel8 (RHSA-2025:3210)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3210 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security h...

Security update for buildah

This update for buildah fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239339. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for buildah

This update for buildah fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239339. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...