rpm package
suse/openssh&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-61985 | Low | 3.6 | < 9.6p1-4.1 | 9.6p1-4.1 | Oct 6, 2025 | ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | |
| CVE-2025-61984 | Low | 3.6 | < 9.6p1-4.1 | 9.6p1-4.1 | Oct 6, 2025 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file | |
| CVE-2025-26466 | — | < 9.6p1-3.1 | 9.6p1-3.1 | Feb 28, 2025 | A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such pack | ||
| CVE-2025-26465 | Med | 6.8 | < 9.6p1-3.1 | 9.6p1-3.1 | Feb 18, 2025 | A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying | |
| CVE-2024-39894 | Hig | 7.5 | < 9.6p1-2.1 | 9.6p1-2.1 | Jul 2, 2024 | OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur. | |
| CVE-2024-6387 | Hig | 8.1 | < 9.6p1-2.1 | 9.6p1-2.1 | Jul 1, 2024 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time pe | |
| CVE-2023-51385 | Med | 6.5 | < 9.6p1-2.1 | 9.6p1-2.1 | Dec 18, 2023 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in | |
| CVE-2023-48795 | Med | 5.9 | < 9.6p1-2.1 | 9.6p1-2.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end |
- affected < 9.6p1-4.1fixed 9.6p1-4.1
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
- affected < 9.6p1-4.1fixed 9.6p1-4.1
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file
- CVE-2025-26466Feb 28, 2025affected < 9.6p1-3.1fixed 9.6p1-3.1
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such pack
- affected < 9.6p1-3.1fixed 9.6p1-3.1
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying
- affected < 9.6p1-2.1fixed 9.6p1-2.1
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.
- affected < 9.6p1-2.1fixed 9.6p1-2.1
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time pe
- affected < 9.6p1-2.1fixed 9.6p1-2.1
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in
- affected < 9.6p1-2.1fixed 9.6p1-2.1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end