Security News

Cybersecurity news aggregator

RHSA-2026:18160: Moderate: libssh security update

  • What: Security update for libssh in Red Hat Enterprise Linux 10
  • Impact: SSH library may be vulnerable to buffer underflow and path sanitization issues

Red Hat Product Errata
RHSA-2026:18160 - Security Advisory
Issued: 2026-05-19
Updated: 2026-05-19

Synopsis
Moderate: libssh security update

Type/Severity
Security Advisory: Moderate

Topic
An update for libssh is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):
  • libssh: Buffer underflow in ssh_get_hexa() on invalid input (CVE-2026-0966)
  • libssh: Improper sanitation of paths received from SCP servers (CVE-2026-0964)
  • libssh: libssh: Denial of Service via improper configuration file handling (CVE-2026-0965)
  • libssh: libssh: Denial of Service via inefficient regular expression processing (CVE-2026-0967)
  • libssh: libssh: Denial of Service due to malformed SFTP message (CVE-2026-0968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 10 Release Notes linked from the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
  • Red Hat Enterprise Linux for x86_64 10 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for ARM 64 10 aarch64

Fixes
  • BZ - 2433121 - CVE-2026-0966 libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()
  • BZ - 2436979 - CVE-2026-0964 libssh: Improper sanitation of paths received from SCP servers
  • BZ - 2436980 - CVE-2026-0965 libssh: libssh: Denial of Service via improper configuration file handling
  • BZ - 2436981 - CVE-2026-0967 libssh: libssh: Denial of Service via inefficient regular expression processing
  • BZ - 2436982 - CVE-2026-0968 libssh: libssh: Denial of Service due to malformed SFTP message
  • RHEL-133421 - Rebase libssh to 0.12.0
  • RHEL-70825 - Support for hybrid ML-KEM key exchange in libssh
  • RHEL-93748 - Wrong log level of messages in RHEL-10.2 and C10s

CVEs
  • CVE-2026-0964
  • CVE-2026-0965
  • CVE-2026-0966
  • CVE-2026-0967
  • CVE-2026-0968

References
  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/10.2_release_notes/index

Note: More recent versions of these packages may be available.
Updated Packages

Red Hat Enterprise Linux for x86_64 10
  • SRPM: libssh-0.12.0-2.el10.src.rpm
  • x86_64: libssh-0.12.0-2.el10.x86_64.rpm
  • x86_64: libssh-config-0.12.0-2.el10.noarch.rpm
  • x86_64: libssh-debuginfo-0.12.0-2.el10.x86_64.rpm
  • x86_64: libssh-debugsource-0.12.0-2.el10.x86_64.rpm
  • x86_64: libssh-devel-0.12.0-2.el10.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 10
  • SRPM: libssh-0.12.0-2.el10.src.rpm
  • s390x: libssh-0.12.0-2.el10.s390x.rpm
  • s390x: libssh-config-0.12.0-2.el10.noarch.rpm
  • s390x: libssh-debuginfo-0.12.0-2.el10.s390x.rpm
  • s390x: libssh-debugsource-0.12.0-2.el10.s390x.rpm
  • s390x: libssh-devel-0.12.0-2.el10.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 10
  • SRPM: libssh-0.12.0-2.el10.src.rpm
  • ppc64le: libssh-0.12.0-2.el10.ppc64le.rpm
  • ppc64le: libssh-config-0.12.0-2.el10.noarch.rpm
  • ppc64le: libssh-debuginfo-0.12.0-2.el10.ppc64le.rpm
  • ppc64le: libssh-debugsource-0.12.0-2.el10.ppc64le.rpm
  • ppc64le: libssh-devel-0.12.0-2.el10.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 10
  • SRPM: libssh-0.12.0-2.el10.src.rpm
  • aarch64: libssh-0.12.0-2.el10.aarch64.rpm
  • aarch64: libssh-config-0.12.0-2.el10.noarch.rpm
  • aarch64: libssh-debuginfo-0.12.0-2.el10.aarch64.rpm
  • aarch64: libssh-debugsource-0.12.0-2.el10.aarch64.rpm
  • aarch64: libssh-devel-0.12.0-2.el10.aarch64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
