Red Hat Product Errata
RHSA-2026:13381 - Security Advisory

Issued: 2026-05-04
Updated: 2026-05-04

Synopsis
Important: openssh security update

Type/Severity
Security Advisory: Important

Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):
OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode (CVE-2026-35385)
OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option (CVE-2026-35414)
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage (CVE-2026-35387)
OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions (CVE-2026-35388)
OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username (CVE-2026-35386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes
BZ - 2454469 - CVE-2026-35385 OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode
BZ - 2454490 - CVE-2026-35414 OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
BZ - 2454494 - CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
BZ - 2454500 - CVE-2026-35388 OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
BZ - 2454506 - CVE-2026-35386 OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

CVEs
CVE-2026-35385
CVE-2026-35386
CVE-2026-35387
CVE-2026-35388
CVE-2026-35414

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
This Red Hat security advisory addresses five vulnerabilities in OpenSSH, including privilege escalation via the legacy SCP protocol when file modes are not preserved (CVE-2026-35385, CVSS 7.5 HIGH), arbitrary command execution via shell metacharacters in usernames, and a security bypass via mishandling of the authorized_keys principals option. According to NVD data, the affected version range is OpenBSD OpenSSH versions prior to 10.3, and the fixed version is 10.3. The update is rated Important for Red Hat Enterprise Linux 9.