Red Hat Product Errata RHSA-2026:10714 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:10714 - Security Advisory Overview Updated Packages Synopsis Important: openssh security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openssh is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix(es): openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables (CVE-2026-3497) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2447085 - CVE-2026-3497 openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVEs CVE-2026-3497 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM openssh-8.7p1-30.el9_2.10.src.rpm SHA-256: bd4a2fbb69b10d51d9078f40112a4e71fa24a079d0db1cb2d515f3cffe153996 x86_64 openssh-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: bc7d5e30f0cca984e42b3943c10779152664d1837d9ffc82ce618a97e006ba00 openssh-askpass-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 146573ebe2c5c66b44515e4b40c426e380e9da8cac0b0ea609b8821ddc1c791d openssh-askpass-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b9d2c038003b2945cf025471f60b393a6fe02c257326593dbc07bc89b1e77b28 openssh-askpass-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b9d2c038003b2945cf025471f60b393a6fe02c257326593dbc07bc89b1e77b28 openssh-clients-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 78c5244abf29abbf7c5e81c9fbfc7f89a4bb32d1c3c3c7cbb2cf00590491700b openssh-clients-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: c55d116e6720275eb8fbaab71bb30b99110ac71dc1a72fb70cdc43647c32a07d openssh-clients-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: c55d116e6720275eb8fbaab71bb30b99110ac71dc1a72fb70cdc43647c32a07d openssh-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 7013a2e03e8edc9b53992ca182e0f002fc4be806fb660bdc41c96a414db7b317 openssh-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 7013a2e03e8edc9b53992ca182e0f002fc4be806fb660bdc41c96a414db7b317 openssh-debugsource-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 0b63b41649dcb7cd0ebc81d213fd0a1cdec2bcb76c980b32f2aac91de0a3cb86 openssh-debugsource-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 0b63b41649dcb7cd0ebc81d213fd0a1cdec2bcb76c980b32f2aac91de0a3cb86 openssh-keycat-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: ec587b7aa4764a2c7a7b4ac87628b75806b03809faf6b326d882218912f667b0 openssh-keycat-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b7b90dc2e73b8e62ac53c7297ba7b16d05e4b5e3691fabfd867125b7a005cce3 openssh-keycat-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b7b90dc2e73b8e62ac53c7297ba7b16d05e4b5e3691fabfd867125b7a005cce3 openssh-server-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: aae4709fcad7416309d763329ca52c901388583795fb994f68ac6544d3231270 openssh-server-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 699c5f96124773c1f641b5cce48802d14b0a8824037757041c74fd6ba2be23b9 openssh-server-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 699c5f96124773c1f641b5cce48802d14b0a8824037757041c74fd6ba2be23b9 openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 658a970003a31466202d391609bca24be0635863b8510373126d5279a5b220dd openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 658a970003a31466202d391609bca24be0635863b8510373126d5279a5b220dd pam_ssh_agent_auth-0.10.4-5.30.el9_2.10.x86_64.rpm SHA-256: fd66334cdab3bdc173532b6f03e8bd9f2b12c0a2102c8750458aae916ee04b32 pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.10.x86_64.rpm SHA-256: 70a690d986807d12564b12ade2e18b93629fb8d3622cea438e58e7257275c6a1 pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.10.x86_64.rpm SHA-256: 70a690d986807d12564b12ade2e18b93629fb8d3622cea438e58e7257275c6a1 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM openssh-8.7p1-30.el9_2.10.src.rpm SHA-256: bd4a2fbb69b10d51d9078f40112a4e71fa24a079d0db1cb2d515f3cffe153996 ppc64le openssh-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 6851e8767f6abca0b0f0c142ea7df39b6049573fb320060d6902c3229cf11501 openssh-askpass-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: a484e07edec5f63b84c6310b37c0d7f7c0e54209ce4a52d8e803ac7ff2032579 openssh-askpass-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 32fac7e1a2e97727a74598b71591275628bc9425b3cc9c282c3fca887e279c1c openssh-askpass-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 32fac7e1a2e97727a74598b71591275628bc9425b3cc9c282c3fca887e279c1c openssh-clients-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: a53f569a0fede33095c13da9a9648c6e596729459ad549ed9e38ab024ab87f75 openssh-clients-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 09fc165be80b82242e062d009803ce2838c5bd0c6e67e1db960ca2797dbe58e3 openssh-clients-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 09fc165be80b82242e062d009803ce2838c5bd0c6e67e1db960ca2797dbe58e3 openssh-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 1f2dde69d368fa46fd036f0afa863676abcbf31d8cd9965097f42e3f6df88ccf openssh-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 1f2dde69d368fa46fd036f0afa863676abcbf31d8cd9965097f42e3f6df88ccf openssh-debugsource-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 742d841fb433c5061bda27ee66922d7f74dcb8f2e928c7da336cb490ebe45ffa openssh-debugsource-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 742d841fb433c5061bda27ee66922d7f74dcb8f2e928c7da336cb490ebe45ffa openssh-keycat-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 09eeb62e7695c555fec63c8b2f1877ca911bb519a5960a3caa57cd0b3cf09c6b openssh-keycat-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 265e7112a71a15ec97d369362545363de15927106a36d8681814efa8bf4089c8 openssh-keycat-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 265e7112a71a15ec97d369362545363de15927106a36d8681814efa8bf4089c8 openssh-server-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 1038764699c978ccc9e82b5a976a1b12cf65255744702ff3df7308cbf65b26c7 openssh-server-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 048f39465b1b6ea3bad333d993a8d1ecd126da38f54a00d8039aeb52472cd2bd openssh-server-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: 048f39465b1b6ea3bad333d993a8d1ecd126da38f54a00d8039aeb52472cd2bd openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: b6a1236ff5618e391d3d94b057feaf92de3aa8e4cd0c4b573dce3831bdbbae21 openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.10.ppc64le.rpm SHA-256: b6a1236ff5618e391d3d94b057feaf92de3aa8e4cd0c4b573dce3831bdbbae21 pam_ssh_agent_auth-0.10.4-5.30.el9_2.10.ppc64le.rpm SHA-256: cb271265dc34dbff3495e23fb5740888b648003d52f7e943b9e2ad551a8eeef3 pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.10.ppc64le.rpm SHA-256: ed1e849885975122ea194c38cf702a60480a24749fd3767562d070b21856eaf8 pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.10.ppc64le.rpm SHA-256: ed1e849885975122ea194c38cf702a60480a24749fd3767562d070b21856eaf8 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM openssh-8.7p1-30.el9_2.10.src.rpm SHA-256: bd4a2fbb69b10d51d9078f40112a4e71fa24a079d0db1cb2d515f3cffe153996 x86_64 openssh-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: bc7d5e30f0cca984e42b3943c10779152664d1837d9ffc82ce618a97e006ba00 openssh-askpass-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 146573ebe2c5c66b44515e4b40c426e380e9da8cac0b0ea609b8821ddc1c791d openssh-askpass-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b9d2c038003b2945cf025471f60b393a6fe02c257326593dbc07bc89b1e77b28 openssh-askpass-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: b9d2c038003b2945cf025471f60b393a6fe02c257326593dbc07bc89b1e77b28 openssh-clients-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 78c5244abf29abbf7c5e81c9fbfc7f89a4bb32d1c3c3c7cbb2cf00590491700b openssh-clients-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: c55d116e6720275eb8fbaab71bb30b99110ac71dc1a72fb70cdc43647c32a07d openssh-clients-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: c55d116e6720275eb8fbaab71bb30b99110ac71dc1a72fb70cdc43647c32a07d openssh-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 7013a2e03e8edc9b53992ca182e0f002fc4be806fb660bdc41c96a414db7b317 openssh-debuginfo-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 7013a2e03e8edc9b53992ca182e0f002fc4be806fb660bdc41c96a414db7b317 openssh-debugsource-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 0b63b41649dcb7cd0ebc81d213fd0a1cdec2bcb76c980b32f2aac91de0a3cb86 openssh-debugsource-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: 0b63b41649dcb7cd0ebc81d213fd0a1cdec2bcb76c980b32f2aac91de0a3cb86 openssh-keycat-8.7p1-30.el9_2.10.x86_64.rpm SHA-256: ec587b7aa4764a2c7a7b4ac87628b75806b03809faf6b326d8822