Advisory ROSA-SA-2026-3152

Software: libssh 0.9.6 OS: ROSA Virtualization 3.1 unaffected versions = libssh-0.9.6-16.rv31 affected versions libssh-0.9.6-16.rv31 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside ...

MiracleLinux 8 : libssh-0.9.6-16.el8_10 (AXSA:2025-11173:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11173:03 advisory. libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 Tenable has extracted the preceding description block directly from the MiracleLinu...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

SUSE-SU-2025:02279-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. - CVE-2025-5318: Fixed likely read beyond bounds in sftp server...

AZL-64650 CVE-2025-5372 affecting package libssh for versions less than 0.10.6-2

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

openSUSE Security Update : openssl-1_1 (openSUSE-2020-62)

This update for openssl-11 fixes the following issues : Security issue fixed : - CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. Various FIPS related improvements were done : - FIPS: Backport SSH KDF to openssl...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2020:0069-1)

This update for openssl-11 fixes the following issues : Security issue fixed : CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. Various FIPS related improvements were done: FIPS: Backport SSH KDF to openssl...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2020:0002-1)

This update for openssl-11 fixes the following issues : Security issue fixed : CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. Various FIPS related improvements were done: FIPS: Backport SSH KDF to openssl...

openssl security update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...

openssl security, bug fix, and enhancement update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...