OESA-2025-1314

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1314

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2025-1314.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2025-1314

Upstream

CVE-2025-26465

CVE-2025-26466

Published

2025-03-21T13:18:18Z

Modified

2025-09-03T06:20:53.216406Z

Summary

openssh security update

Details

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and sophisticated configuration options.

Security Fix(es):

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.(CVE-2025-26465)

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.(CVE-2025-26466)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:24.03-LTS-SP1 / openssh

Package

Name: openssh
Purl: pkg:rpm/openEuler/openssh&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.6p1-5.oe2403sp1

Ecosystem specific

{
    "x86_64": [
        "openssh-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-askpass-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-clients-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-debuginfo-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-debugsource-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-keycat-9.6p1-5.oe2403sp1.x86_64.rpm",
        "openssh-server-9.6p1-5.oe2403sp1.x86_64.rpm",
        "pam_ssh_agent_auth-0.10.4-4.5.oe2403sp1.x86_64.rpm"
    ],
    "aarch64": [
        "openssh-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-askpass-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-clients-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-debuginfo-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-debugsource-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-keycat-9.6p1-5.oe2403sp1.aarch64.rpm",
        "openssh-server-9.6p1-5.oe2403sp1.aarch64.rpm",
        "pam_ssh_agent_auth-0.10.4-4.5.oe2403sp1.aarch64.rpm"
    ],
    "noarch": [
        "openssh-help-9.6p1-5.oe2403sp1.noarch.rpm"
    ],
    "src": [
        "openssh-9.6p1-5.oe2403sp1.src.rpm"
    ]
}