Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:15891: Important: openssh security update

cveopensshred-hatcve-2026-3497
A vulnerability (CVE-2026-3497) in OpenSSH's GSSAPI implementation could lead to information disclosure or denial of service due to uninitialized variables. This security update, rated Important by Red Hat, affects OpenSSH packages for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Extended Update Support Long-Life Add-On. The fix is provided in the updated package set, specifically version `openssh-8.0p1-7.el8_4.1`.
Read Full Article →

Red Hat Product Errata RHSA-2026:15891 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:15891 - Security Advisory Overview Updated Packages Synopsis Important: openssh security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openssh is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix(es): openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables (CVE-2026-3497) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Fixes BZ - 2447085 - CVE-2026-3497 openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVEs CVE-2026-3497 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM openssh-8.0p1-7.el8_4.1.src.rpm SHA-256: bc50690b2599040fd6753bd68588dd317e3326d81644663d4cb3778fa8fa671c x86_64 openssh-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: ef98d14bd53836092589455c93d01fa0188ba1552811f98a91b9f572b4643515 openssh-askpass-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 395eb6d0cf8452954cd04b009f2f0f754fd152e1027dfbd8c5217ec7b22dceee openssh-askpass-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: b4264b83e6c9977ebed67269ed3f17b92f021d24ad594047eba9acdefb971057 openssh-askpass-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: b4264b83e6c9977ebed67269ed3f17b92f021d24ad594047eba9acdefb971057 openssh-cavs-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: ae5ba637def749ac0ed79034fd5cf091aa0aa6ea7062789da4d0ff622cfaf6db openssh-cavs-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 6732f140ce0480cf0133c1daefa8c19335e72b6f0ea0a539073ee70edf7881c6 openssh-cavs-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 6732f140ce0480cf0133c1daefa8c19335e72b6f0ea0a539073ee70edf7881c6 openssh-clients-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: d8758cf8af3375bfb4c02f3b8af3ff1085323a22c588d5b1df16db5e5ec9eeea openssh-clients-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 3d9bdb1e2c964ace194ae208cbbdc5dc8bde84992b5aad80b740f101a4bc308e openssh-clients-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 3d9bdb1e2c964ace194ae208cbbdc5dc8bde84992b5aad80b740f101a4bc308e openssh-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 5deaf086f583273b77e389430c873a6a9e2364b97ed3478c75f506fd0d7088fd openssh-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 5deaf086f583273b77e389430c873a6a9e2364b97ed3478c75f506fd0d7088fd openssh-debugsource-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: defaa9f4cf9fef837d760adce0ef84b55d4258258d52e6a16e732028dd1e1f5e openssh-debugsource-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: defaa9f4cf9fef837d760adce0ef84b55d4258258d52e6a16e732028dd1e1f5e openssh-keycat-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: edba83a576fd4e793811a1ca1c563a391f207da0f068f1c5754546556759fcaf openssh-keycat-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 679cd249f1696c4e2c5109b167a94331436e25b2934df343afbab4c57e5d3d12 openssh-keycat-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 679cd249f1696c4e2c5109b167a94331436e25b2934df343afbab4c57e5d3d12 openssh-ldap-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 8ad21e6ab8afab3181da95d4ee0b7bf09e29359dfd3a38702510a8ff40235d6d openssh-ldap-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 226b2a7f1ae114932f8cb42c39d49f3e1da648aa670dfe5fc4c9c167a3eea72a openssh-ldap-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 226b2a7f1ae114932f8cb42c39d49f3e1da648aa670dfe5fc4c9c167a3eea72a openssh-server-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 143250960d90c55dcbaffdf903605744afffb5a4e2b23b9c6e7beb2f541fc33a openssh-server-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 2f4f8503999b7f02ff4b4196039bcf75f0f59615815c4aca8958291de5731907 openssh-server-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 2f4f8503999b7f02ff4b4196039bcf75f0f59615815c4aca8958291de5731907 pam_ssh_agent_auth-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: 9ab1a82d9e37c1e34a0b0248969ee53cd355387e6cc530d93e1a5fc5a3bac318 pam_ssh_agent_auth-debuginfo-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: eaaa512caa28bf895bcd407f4004036dfdeba993e5b27ba58599bf8702f2251a pam_ssh_agent_auth-debuginfo-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: eaaa512caa28bf895bcd407f4004036dfdeba993e5b27ba58599bf8702f2251a Red Hat Enterprise Linux Server - AUS 8.4 SRPM openssh-8.0p1-7.el8_4.1.src.rpm SHA-256: bc50690b2599040fd6753bd68588dd317e3326d81644663d4cb3778fa8fa671c x86_64 openssh-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: ef98d14bd53836092589455c93d01fa0188ba1552811f98a91b9f572b4643515 openssh-askpass-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 395eb6d0cf8452954cd04b009f2f0f754fd152e1027dfbd8c5217ec7b22dceee openssh-askpass-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: b4264b83e6c9977ebed67269ed3f17b92f021d24ad594047eba9acdefb971057 openssh-askpass-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: b4264b83e6c9977ebed67269ed3f17b92f021d24ad594047eba9acdefb971057 openssh-cavs-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: ae5ba637def749ac0ed79034fd5cf091aa0aa6ea7062789da4d0ff622cfaf6db openssh-cavs-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 6732f140ce0480cf0133c1daefa8c19335e72b6f0ea0a539073ee70edf7881c6 openssh-cavs-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 6732f140ce0480cf0133c1daefa8c19335e72b6f0ea0a539073ee70edf7881c6 openssh-clients-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: d8758cf8af3375bfb4c02f3b8af3ff1085323a22c588d5b1df16db5e5ec9eeea openssh-clients-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 3d9bdb1e2c964ace194ae208cbbdc5dc8bde84992b5aad80b740f101a4bc308e openssh-clients-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 3d9bdb1e2c964ace194ae208cbbdc5dc8bde84992b5aad80b740f101a4bc308e openssh-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 5deaf086f583273b77e389430c873a6a9e2364b97ed3478c75f506fd0d7088fd openssh-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 5deaf086f583273b77e389430c873a6a9e2364b97ed3478c75f506fd0d7088fd openssh-debugsource-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: defaa9f4cf9fef837d760adce0ef84b55d4258258d52e6a16e732028dd1e1f5e openssh-debugsource-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: defaa9f4cf9fef837d760adce0ef84b55d4258258d52e6a16e732028dd1e1f5e openssh-keycat-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: edba83a576fd4e793811a1ca1c563a391f207da0f068f1c5754546556759fcaf openssh-keycat-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 679cd249f1696c4e2c5109b167a94331436e25b2934df343afbab4c57e5d3d12 openssh-keycat-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 679cd249f1696c4e2c5109b167a94331436e25b2934df343afbab4c57e5d3d12 openssh-ldap-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 8ad21e6ab8afab3181da95d4ee0b7bf09e29359dfd3a38702510a8ff40235d6d openssh-ldap-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 226b2a7f1ae114932f8cb42c39d49f3e1da648aa670dfe5fc4c9c167a3eea72a openssh-ldap-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 226b2a7f1ae114932f8cb42c39d49f3e1da648aa670dfe5fc4c9c167a3eea72a openssh-server-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 143250960d90c55dcbaffdf903605744afffb5a4e2b23b9c6e7beb2f541fc33a openssh-server-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 2f4f8503999b7f02ff4b4196039bcf75f0f59615815c4aca8958291de5731907 openssh-server-debuginfo-8.0p1-7.el8_4.1.x86_64.rpm SHA-256: 2f4f8503999b7f02ff4b4196039bcf75f0f59615815c4aca8958291de5731907 pam_ssh_agent_auth-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: 9ab1a82d9e37c1e34a0b0248969ee53cd355387e6cc530d93e1a5fc5a3bac318 pam_ssh_agent_auth-debuginfo-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: eaaa512caa28bf895bcd407f4004036dfdeba993e5b27ba58599bf8702f2251a pam_ssh_agent_auth-debuginfo-0.10.3-7.7.el8_4.2.x86_64.rpm SHA-256: eaaa512caa28bf895bcd407f4004036dfdeba993e5b27ba58599bf8702f2251a The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .

Related Articles

HIGH RHSA-2026:9732: Important: openssh security update Red Hat Errata INFO RHSA-2026:14924: Important: openssh security update Red Hat Errata MEDIUM DSA-6204-1 openssh - security update Debian Security HIGH RHSA-2026:9415: Important: openssh security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn