CVE-2026-0965
EUVD-2026-1632826.03.2026, 21:17
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libssh | libssh | 𝑥 ≤ 0.11.3 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| libssh-config |
| ||||||||
| libssh-devel |
| ||||||||
| libssh4 |
| ||||||||
| libssh4-32bit |
|
Common Weakness Enumeration