UBUNTU-CVE-2026-55200

Source
https://ubuntu.com/security/CVE-2026-55200
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-55200.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-55200
Upstream
  • CVE-2026-55200
Downstream
Related
Published
2026-06-17T20:17:00Z
Modified
2026-07-01T23:43:25.462897920Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 8.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L CVSS Calculator
  • 9.2 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread() that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve remote code execution.

References

Affected packages

Ubuntu:25.10 / libssh2

Package

Name
libssh2
Purl
pkg:deb/ubuntu/libssh2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.1-1ubuntu0.25.10.2

Affected versions

1.*
1.11.1-1
1.11.1-1build1
1.11.1-1ubuntu0.25.10.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libssh2-1t64",
            "binary_version": "1.11.1-1ubuntu0.25.10.2"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-55200.json"

Ubuntu:26.04:LTS / libssh2

Package

Name
libssh2
Purl
pkg:deb/ubuntu/libssh2?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.1-1ubuntu0.26.04.2

Affected versions

1.*
1.11.1-1build1
1.11.1-1build2
1.11.1-1ubuntu0.26.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libssh2-1t64",
            "binary_version": "1.11.1-1ubuntu0.26.04.2"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-55200.json"