27 matches found
RLSA-2025:23480 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...
Updated openssh packages fix security vulnerabilities
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. CVE-2025-61984...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenSSH vulnerabilities (USN-8090-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8090-1 advisory. Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations...
USN-8090-2 openssh vulnerabilities
USN-8090-1 fixed vulnerabilities in OpenSSH. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the...
USN-8090-2: OpenSSH vulnerabilities
USN-8090-1 fixed vulnerabilities in OpenSSH. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the...
USN-8090-1: OpenSSH vulnerabilities
Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the GSSAPIKeyExchange setting is enabled, a remote attacker could use this issue to cause OpenSSH to crash, resulting in a denial of service, or possibly...
Moderate: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
K000159684: OpenSSH vulnerabilities CVE-2025-61984 and CVE-2025-61985
Security Advisory Description CVE-2025-61984 ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence...
MiracleLinux 9 : openssh-8.7p1-47.el9_7.ML.1 (AXSA:2025-11563:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11563:07 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in...
CLSA-2026-1767627533 openssh: Fix of CVE-2025-61985
CVE-2025-61985: potential code execution using the ‘\0’ character in an ssh:// URI, when a ProxyCommand is used...
Moderate: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 10 : openssh (RHSA-2025:23479)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23479 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
RHEL 9 : openssh (RHSA-2025:23480)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23480 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...
ALSA-2025:23479 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...
SUSE-SU-2025:21161-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...
SUSE-SU-2025:21128-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...
SUSE-SU-2025:4098-1 Security update for openssh8.4
This update for openssh8.4 fixes the following issues: - CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 - CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...
SUSE-SU-2025:4067-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 - CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...
OESA-2025-2586 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...