Home

Description

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.

PUBLISHED Reserved 2026-01-14 | Published 2026-03-26 | Updated 2026-05-19 | Assigner redhat




LOW: 3.3CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Problem types

External Control of File Name or Path

Product status

Default status
affected

0:0.12.0-2.el10 (rpm) before *
unaffected

Default status
affected

0:0.10.4-18.el9 (rpm) before *
unaffected

Default status
affected

0:0.10.4-18.el9 (rpm) before *
unaffected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
unaffected

Default status
affected

Timeline

2026-02-04:Reported to Red Hat.
2026-02-10:Made public.

Credits

Red Hat would like to thank Jakub Jelen (libssh) and Kang Yang for reporting this issue.

References

access.redhat.com/errata/RHSA-2026:18160 (RHSA-2026:18160) vendor-advisory

access.redhat.com/errata/RHSA-2026:18683 (RHSA-2026:18683) vendor-advisory

access.redhat.com/security/cve/CVE-2026-0965 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2436980 (RHBZ#2436980) issue-tracking

cve.org (CVE-2026-0965)

nvd.nist.gov (CVE-2026-0965)

Download JSON