Security News

Cybersecurity news aggregator

📰
INFO News Red Hat Errata

RHSA-2026:14924: Important: openssh security update

red-hatopensshcve-2026-3497
An Important-rated vulnerability (CVE-2026-3497) in OpenSSH's GSSAPI implementation could lead to information disclosure or denial of service due to uninitialized variables. The update specifically affects Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Telecommunications Update Service. Affected systems should be updated to the provided `openssh-8.0p1-20.el8_8.3` packages to remediate the issue.
Read Full Article →

Red Hat Product Errata RHSA-2026:14924 - Security Advisory Issued: 2026-05-07 Updated: 2026-05-07 RHSA-2026:14924 - Security Advisory Overview Updated Packages Synopsis Important: openssh security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix(es): openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables (CVE-2026-3497) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2447085 - CVE-2026-3497 openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVEs CVE-2026-3497 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM openssh-8.0p1-20.el8_8.3.src.rpm SHA-256: fa262e135794b731702fb053403b93ae85e9875e83454e0eadc4daa1e30dcf46 x86_64 openssh-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 7a44dccacbf3b907b837b6037e8b2d855ab36b0f7b575dee9d5ee7bda00d0361 openssh-askpass-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 3f9c5f6dfcc374c838c823251b9516c723e41cefba8dc67d993d79ef7277e874 openssh-askpass-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: b59ee3ec332244339bd1c4ebd330a27bb87d4c4af2148e6e341fb5416be2ebed openssh-askpass-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: b59ee3ec332244339bd1c4ebd330a27bb87d4c4af2148e6e341fb5416be2ebed openssh-cavs-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 3be7c3817cc829f6f2771b3b2d9f8350d2736b1ad116cfacc392313f3ba3d68b openssh-cavs-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 99fce62b278e17a8c56991f52fae0629c27cc15a416e23307badffafbd0ab660 openssh-cavs-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 99fce62b278e17a8c56991f52fae0629c27cc15a416e23307badffafbd0ab660 openssh-clients-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 0150463c35c0d8ad26e566a928c1dc5ec9392c816465987c291d354dfc4a63f6 openssh-clients-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: abfa575dccc4e6388abd8e9f6dd06e08ea3ef3a06e94a98cd8a3134be16cb470 openssh-clients-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: abfa575dccc4e6388abd8e9f6dd06e08ea3ef3a06e94a98cd8a3134be16cb470 openssh-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 4d7ce144b6d65688fa6e0ab910555a56b392733b260a8b24fd83f7bcf10b5b6f openssh-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 4d7ce144b6d65688fa6e0ab910555a56b392733b260a8b24fd83f7bcf10b5b6f openssh-debugsource-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 2a4ddac473658d74f6e1a6e17f38590b5bb126a98dc088a4c3e5bc7a46dd0da5 openssh-debugsource-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 2a4ddac473658d74f6e1a6e17f38590b5bb126a98dc088a4c3e5bc7a46dd0da5 openssh-keycat-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 5a8102dc9e400e1e2b261740634d26c59ce5a7a2d9b19fb67e6547efba3fa9a2 openssh-keycat-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd4199619fd04edf4937c8f0e3621cf8ef0c92e8766a663fee638bb0ee02be54 openssh-keycat-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd4199619fd04edf4937c8f0e3621cf8ef0c92e8766a663fee638bb0ee02be54 openssh-ldap-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 69b41ebf08e23ef4c341998a423d709ef33279bbd915f24757ff8168f687b361 openssh-ldap-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 902195282965fec003312585595898188b6f5ffee3f3a698ce48431196a92d09 openssh-ldap-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 902195282965fec003312585595898188b6f5ffee3f3a698ce48431196a92d09 openssh-server-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd0ecc58bb9cec7e723d019a19c729a3ec82b13d6e6d72e1665cf19a1e1d7a09 openssh-server-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: c57fd7ff24d24fd62a5db6c88cc65c4488437e7a24e6a7c4975c5f8258439977 openssh-server-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: c57fd7ff24d24fd62a5db6c88cc65c4488437e7a24e6a7c4975c5f8258439977 pam_ssh_agent_auth-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: 452cf53f68fd7e59b78f44b9599c723b5170c03af307b5e1cf8b951c5ca5cbd1 pam_ssh_agent_auth-debuginfo-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: d9eb1287a2396680b5e29ddf51ff9b50f1fff7427ffde6946244f5c252465755 pam_ssh_agent_auth-debuginfo-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: d9eb1287a2396680b5e29ddf51ff9b50f1fff7427ffde6946244f5c252465755 Red Hat Enterprise Linux Server - TUS 8.8 SRPM openssh-8.0p1-20.el8_8.3.src.rpm SHA-256: fa262e135794b731702fb053403b93ae85e9875e83454e0eadc4daa1e30dcf46 x86_64 openssh-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 7a44dccacbf3b907b837b6037e8b2d855ab36b0f7b575dee9d5ee7bda00d0361 openssh-askpass-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 3f9c5f6dfcc374c838c823251b9516c723e41cefba8dc67d993d79ef7277e874 openssh-askpass-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: b59ee3ec332244339bd1c4ebd330a27bb87d4c4af2148e6e341fb5416be2ebed openssh-askpass-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: b59ee3ec332244339bd1c4ebd330a27bb87d4c4af2148e6e341fb5416be2ebed openssh-cavs-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 3be7c3817cc829f6f2771b3b2d9f8350d2736b1ad116cfacc392313f3ba3d68b openssh-cavs-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 99fce62b278e17a8c56991f52fae0629c27cc15a416e23307badffafbd0ab660 openssh-cavs-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 99fce62b278e17a8c56991f52fae0629c27cc15a416e23307badffafbd0ab660 openssh-clients-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 0150463c35c0d8ad26e566a928c1dc5ec9392c816465987c291d354dfc4a63f6 openssh-clients-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: abfa575dccc4e6388abd8e9f6dd06e08ea3ef3a06e94a98cd8a3134be16cb470 openssh-clients-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: abfa575dccc4e6388abd8e9f6dd06e08ea3ef3a06e94a98cd8a3134be16cb470 openssh-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 4d7ce144b6d65688fa6e0ab910555a56b392733b260a8b24fd83f7bcf10b5b6f openssh-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 4d7ce144b6d65688fa6e0ab910555a56b392733b260a8b24fd83f7bcf10b5b6f openssh-debugsource-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 2a4ddac473658d74f6e1a6e17f38590b5bb126a98dc088a4c3e5bc7a46dd0da5 openssh-debugsource-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 2a4ddac473658d74f6e1a6e17f38590b5bb126a98dc088a4c3e5bc7a46dd0da5 openssh-keycat-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 5a8102dc9e400e1e2b261740634d26c59ce5a7a2d9b19fb67e6547efba3fa9a2 openssh-keycat-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd4199619fd04edf4937c8f0e3621cf8ef0c92e8766a663fee638bb0ee02be54 openssh-keycat-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd4199619fd04edf4937c8f0e3621cf8ef0c92e8766a663fee638bb0ee02be54 openssh-ldap-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 69b41ebf08e23ef4c341998a423d709ef33279bbd915f24757ff8168f687b361 openssh-ldap-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 902195282965fec003312585595898188b6f5ffee3f3a698ce48431196a92d09 openssh-ldap-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: 902195282965fec003312585595898188b6f5ffee3f3a698ce48431196a92d09 openssh-server-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: dd0ecc58bb9cec7e723d019a19c729a3ec82b13d6e6d72e1665cf19a1e1d7a09 openssh-server-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: c57fd7ff24d24fd62a5db6c88cc65c4488437e7a24e6a7c4975c5f8258439977 openssh-server-debuginfo-8.0p1-20.el8_8.3.x86_64.rpm SHA-256: c57fd7ff24d24fd62a5db6c88cc65c4488437e7a24e6a7c4975c5f8258439977 pam_ssh_agent_auth-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: 452cf53f68fd7e59b78f44b9599c723b5170c03af307b5e1cf8b951c5ca5cbd1 pam_ssh_agent_auth-debuginfo-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: d9eb1287a2396680b5e29ddf51ff9b50f1fff7427ffde6946244f5c252465755 pam_ssh_agent_auth-debuginfo-0.10.3-7.20.el8_8.3.x86_64.rpm SHA-256: d9eb1287a2396680b5e29ddf51ff9b50f1fff7427ffde6946244f5c252465755 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM openssh-8.0p1-20.el8_8.3.src.rpm SHA-256: fa262e135794b731702fb053403b93ae85e9875e83454e0eadc4daa1e30dcf46 ppc64le openssh-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: 7251da2f24e731a740b92c7b2178177702a0fc9099aeedd30dc8e4bdbc63d9ef openssh-askpass-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: ad5a065450d4106360532b00b7d08264ab6e4cbc75e6cff8fa9d23507091247e openssh-askpass-debuginfo-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: e1e5be99490297dae804e0f94521110853d1519a3a3783015a9b43504d4902d3 openssh-askpass-debuginfo-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: e1e5be99490297dae804e0f94521110853d1519a3a3783015a9b43504d4902d3 openssh-cavs-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: 12c25893870cd57e4920d9109f6bb8ffe8098370a1db73fbc0f85110763e9daf openssh-cavs-debuginfo-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: dd578fcaeb92639f2f863022f74adf1fa570c2ad54c0b491e696c1c6b98cec81 openssh-cavs-debuginfo-8.0p1-20.el8_8.3.ppc64le.rpm SHA-256: dd578fcaeb92639f2f863022f74adf1fa570c2ad54c0b491e696c1c6b98cec81 openssh-clients-8.0

Related Articles

HIGH RHSA-2026:9732: Important: openssh security update Red Hat Errata HIGH RHSA-2026:15891: Important: openssh security update Red Hat Errata MEDIUM DSA-6204-1 openssh - security update Debian Security HIGH RHSA-2026:9415: Important: openssh security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn