USN-8090-1

Source
https://ubuntu.com/security/notices/USN-8090-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8090-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-8090-1
Published
2026-03-12T18:16:18Z
Modified
2026-03-17T06:42:31.892424Z
Summary
openssh vulnerabilities
Details

Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the GSSAPIKeyExchange setting is enabled, a remote attacker could use this issue to cause OpenSSH to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-3497)

David Leadbeater discovered that OpenSSH incorrectly handled certain control characters in usernames. When untrusted usernames and the ProxyCommand are being used, an attacker could possibly use this issue to execute arbitrary code. (CVE-2025-61984)

David Leadbeater discovered that OpenSSH incorrectly handled NULL characters in ssh:// URIs. When the ProxyCommand is being used, an attacker could possibly use this issue to execute arbitrary code. (CVE-2025-61985)

Affected packages

Ubuntu:22.04:LTS / openssh

Package

Name
openssh
Purl
pkg:deb/ubuntu/openssh@1:8.9p1-3ubuntu0.14?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1:8.9p1-3ubuntu0.14

Affected versions

1:8.*
1:8.4p1-6ubuntu2
1:8.7p1-2
1:8.7p1-2build1
1:8.7p1-4
1:8.8p1-1
1:8.9p1-3
1:8.9p1-3ubuntu0.1
1:8.9p1-3ubuntu0.3
1:8.9p1-3ubuntu0.4
1:8.9p1-3ubuntu0.5
1:8.9p1-3ubuntu0.6
1:8.9p1-3ubuntu0.7
1:8.9p1-3ubuntu0.10
1:8.9p1-3ubuntu0.11
1:8.9p1-3ubuntu0.13

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openssh-client",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        },
        {
            "binary_name": "openssh-server",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        },
        {
            "binary_name": "openssh-sftp-server",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        },
        {
            "binary_name": "openssh-tests",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        },
        {
            "binary_name": "ssh",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        },
        {
            "binary_name": "ssh-askpass-gnome",
            "binary_version": "1:8.9p1-3ubuntu0.14"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8090-1.json"
cves_map
{
    "ecosystem": "Ubuntu:22.04:LTS",
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61984"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61985"
        },
        {
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2026-3497"
        }
    ]
}

Ubuntu:24.04:LTS / openssh

Package

Name
openssh
Purl
pkg:deb/ubuntu/openssh@1:9.6p1-3ubuntu13.15?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1:9.6p1-3ubuntu13.15

Affected versions

1:9.*
1:9.3p1-1ubuntu3
1:9.4p1-1ubuntu1
1:9.6p1-3ubuntu1
1:9.6p1-3ubuntu2
1:9.6p1-3ubuntu11
1:9.6p1-3ubuntu12
1:9.6p1-3ubuntu13
1:9.6p1-3ubuntu13.3
1:9.6p1-3ubuntu13.4
1:9.6p1-3ubuntu13.5
1:9.6p1-3ubuntu13.7
1:9.6p1-3ubuntu13.8
1:9.6p1-3ubuntu13.9
1:9.6p1-3ubuntu13.11
1:9.6p1-3ubuntu13.12
1:9.6p1-3ubuntu13.13
1:9.6p1-3ubuntu13.14

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openssh-client",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        },
        {
            "binary_name": "openssh-server",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        },
        {
            "binary_name": "openssh-sftp-server",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        },
        {
            "binary_name": "openssh-tests",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        },
        {
            "binary_name": "ssh",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        },
        {
            "binary_name": "ssh-askpass-gnome",
            "binary_version": "1:9.6p1-3ubuntu13.15"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8090-1.json"
cves_map
{
    "ecosystem": "Ubuntu:24.04:LTS",
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61984"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61985"
        },
        {
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2026-3497"
        }
    ]
}

Ubuntu:25.10 / openssh

Package

Name
openssh
Purl
pkg:deb/ubuntu/openssh@1:10.0p1-5ubuntu5.1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1:10.0p1-5ubuntu5.1

Affected versions

1:9.*
1:9.9p1-3ubuntu3
1:9.9p1-3ubuntu3.1
1:10.*
1:10.0p1-5ubuntu2
1:10.0p1-5ubuntu3
1:10.0p1-5ubuntu4
1:10.0p1-5ubuntu5

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openssh-client",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "openssh-client-gssapi",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "openssh-server",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "openssh-server-gssapi",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "openssh-sftp-server",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "openssh-tests",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "ssh",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        },
        {
            "binary_name": "ssh-askpass-gnome",
            "binary_version": "1:10.0p1-5ubuntu5.1"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8090-1.json"
cves_map
{
    "ecosystem": "Ubuntu:25.10",
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61984"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "low",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-61985"
        },
        {
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2026-3497"
        }
    ]
}