Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:22564: Important: openssh update

This Important OpenSSH update addresses multiple vulnerabilities, including a high-severity privilege escalation via the SCP legacy protocol (CVE-2026-35385, CVSS 7.5) and a security bypass via mishandling of authorized_keys (CVE-2026-35414, CVSS 4.2). The vulnerabilities affect OpenBSD OpenSSH versions prior to 10.3. The fix requires upgrading to OpenSSH version 10.3.

Red Hat Product Errata
RHSA-2026:22564 - Security Advisory
Issued: 2026-06-02
Updated: 2026-06-02

Synopsis
Important: openssh update

Type/Severity
Security Advisory: Important

Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):
- OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode (CVE-2026-35385)
- OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option (CVE-2026-35414)
- OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage (CVE-2026-35387)
- OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions (CVE-2026-35388)
- OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username (CVE-2026-35386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat Enterprise Linux Server - AUS 9.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
- Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
- Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
- Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes
- BZ - 2454469 - CVE-2026-35385 OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode
- BZ - 2454490 - CVE-2026-35414 OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
- BZ - 2454494 - CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
- BZ - 2454500 - CVE-2026-35388 OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
- BZ - 2454506 - CVE-2026-35386 OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

CVEs
- CVE-2026-35385
- CVE-2026-35386
- CVE-2026-35387
- CVE-2026-35388
- CVE-2026-35414

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
Updated Packages
SRPM: openssh-8.7p1-38.el9_4.8.src.rpm
