Red Hat Product Errata RHSA-2026:20610 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20610 - Security Advisory Overview Updated Packages Synopsis Moderate: libssh security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): libssh: Incorrect Return Code Handling in ssh_kdf() in libssh (CVE-2025-5372) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2369388 - CVE-2025-5372 libssh: Incorrect Return Code Handling in ssh_kdf() in libssh CVEs CVE-2025-5372 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM libssh-0.9.6-13.el8_8.2.src.rpm SHA-256: b64d65e12dca0a28e0d08916032fe531cf4c258e02e0860d0655bc34f2f35809 x86_64 libssh-0.9.6-13.el8_8.2.i686.rpm SHA-256: 95d3e6bb78a6a85a832d75d813b49a15a5ee3a2f80e6460e2962c87592a10840 libssh-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7a40e70e62aea4dea1ab38d058d46d058b5c625576a03ed2afe3486352a69e55 libssh-config-0.9.6-13.el8_8.2.noarch.rpm SHA-256: 73734426b0fcd411de82955afac0baa072c165da0089f7c1bec8308666c9236d libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-devel-0.9.6-13.el8_8.2.i686.rpm SHA-256: 2bb9c4927627180724f15f0dd724ae7e7110e18e4e249ea29aac527a94b098f3 libssh-devel-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: e3349df5eaf0a9f6d92bbbaaf1cae3127ed36a4a0916157e47b892d64c24da85 Red Hat Enterprise Linux Server - TUS 8.8 SRPM libssh-0.9.6-13.el8_8.2.src.rpm SHA-256: b64d65e12dca0a28e0d08916032fe531cf4c258e02e0860d0655bc34f2f35809 x86_64 libssh-0.9.6-13.el8_8.2.i686.rpm SHA-256: 95d3e6bb78a6a85a832d75d813b49a15a5ee3a2f80e6460e2962c87592a10840 libssh-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7a40e70e62aea4dea1ab38d058d46d058b5c625576a03ed2afe3486352a69e55 libssh-config-0.9.6-13.el8_8.2.noarch.rpm SHA-256: 73734426b0fcd411de82955afac0baa072c165da0089f7c1bec8308666c9236d libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-devel-0.9.6-13.el8_8.2.i686.rpm SHA-256: 2bb9c4927627180724f15f0dd724ae7e7110e18e4e249ea29aac527a94b098f3 libssh-devel-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: e3349df5eaf0a9f6d92bbbaaf1cae3127ed36a4a0916157e47b892d64c24da85 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM libssh-0.9.6-13.el8_8.2.src.rpm SHA-256: b64d65e12dca0a28e0d08916032fe531cf4c258e02e0860d0655bc34f2f35809 ppc64le libssh-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: 3f922069120ad6697df98894d600294c45c66be8d04c51a265b8659f35f77812 libssh-config-0.9.6-13.el8_8.2.noarch.rpm SHA-256: 73734426b0fcd411de82955afac0baa072c165da0089f7c1bec8308666c9236d libssh-debuginfo-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: 7ab3ea546bcb726dcaba86d3792960c7ea7190e4e3ea9478287d6570061dd0cf libssh-debuginfo-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: 7ab3ea546bcb726dcaba86d3792960c7ea7190e4e3ea9478287d6570061dd0cf libssh-debugsource-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: 9ab2107095fd2cd2d4a2779e11b896ecef1b9d1500e565850840adcf229b7f5f libssh-debugsource-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: 9ab2107095fd2cd2d4a2779e11b896ecef1b9d1500e565850840adcf229b7f5f libssh-devel-0.9.6-13.el8_8.2.ppc64le.rpm SHA-256: bc1e05e957d2c113f25e2a9284d0f5d5466aaec9530f327af4a1c55797b4b2ef Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM libssh-0.9.6-13.el8_8.2.src.rpm SHA-256: b64d65e12dca0a28e0d08916032fe531cf4c258e02e0860d0655bc34f2f35809 x86_64 libssh-0.9.6-13.el8_8.2.i686.rpm SHA-256: 95d3e6bb78a6a85a832d75d813b49a15a5ee3a2f80e6460e2962c87592a10840 libssh-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7a40e70e62aea4dea1ab38d058d46d058b5c625576a03ed2afe3486352a69e55 libssh-config-0.9.6-13.el8_8.2.noarch.rpm SHA-256: 73734426b0fcd411de82955afac0baa072c165da0089f7c1bec8308666c9236d libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.i686.rpm SHA-256: 28095c202c5d10f39d370f44c097afb6913fd2fc380b4eb39ba8ae37000d4e1b libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debuginfo-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7532ac2b5484fe2fc909956a38a3cd4b78632ef46a75d1e22196ce70d558aa56 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.i686.rpm SHA-256: c42c9ecf013f0babe9a105debc7d357adf2d59a07890d7b7d41eab8038a340c7 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-debugsource-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: 7d32ef80128b856fcc17a0eb424e19dfc847d2ba4c49ecccfc6ff4ef8aabf4d8 libssh-devel-0.9.6-13.el8_8.2.i686.rpm SHA-256: 2bb9c4927627180724f15f0dd724ae7e7110e18e4e249ea29aac527a94b098f3 libssh-devel-0.9.6-13.el8_8.2.x86_64.rpm SHA-256: e3349df5eaf0a9f6d92bbbaaf1cae3127ed36a4a0916157e47b892d64c24da85 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .