Red Hat Product Errata
RHSA-2026:9415 - Security Advisory

Issued: 2026-04-21
Updated: 2026-04-21

Synopsis
Important: openssh security update

Type/Severity
Security Advisory: Important

Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):
openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables (CVE-2026-3497)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes
BZ - 2447085 - CVE-2026-3497 openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

CVEs
CVE-2026-3497

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
A vulnerability (CVE-2026-3497) in OpenSSH's GSSAPI implementation, caused by uninitialized variables, could lead to information disclosure or denial of service. Red Hat has rated this update as Important, though a specific CVSS score is not provided in the article. The security update addresses the flaw for Red Hat Enterprise Linux 9.6 Extended Update Support and related variants, with the fixed package version being openssh-8.7p1-45.el9_6.2.