CVE-2026-0966
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
A flaw was found in libssh. The API function ssh_get_hexa() is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to SSH_LOG_PACKET (3) or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | 0:0.12.0-2.el10 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:0.10.4-18.el9 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:0.10.4-18.el9 < * | unaffected |
| Red Hat | Red Hat Hardened Images | 0.12.0-1.1.hum1 < * | unaffected |
Weaknesses
- CWE-124: Buffer Underwrite ('Buffer Underflow')
Workarounds
To mitigate this issue, consider disabling GSSAPI authentication if it is not required, or reduce the LogLevel in the sshd_config file to a value lower than SSH_LOG_PACKET (e.g., INFO).
To disable GSSAPI authentication, add or modify the following line in /etc/ssh/sshd_config:
GSSAPIAuthentication no
To reduce logging verbosity, add or modify the following line in /etc/ssh/sshd_config:
LogLevel INFO
After making changes to sshd_config, the sshd service must be restarted for the changes to take effect. This may temporarily interrupt active SSH sessions.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://access.redhat.com/errata/RHSA-2026:18160
- https://access.redhat.com/errata/RHSA-2026:18683
- https://access.redhat.com/errata/RHSA-2026:7067
- https://access.redhat.com/security/cve/CVE-2026-0966
- https://bugzilla.redhat.com/show_bug.cgi?id=2433121
- https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.