{}

{}

{}

{"acknowledgement": "Red Hat would like to thank Jakub Jelen (libssh), Jun Xu, Kang Yang, and Yunhang Zhang for reporting this issue.", "bugzilla": {"description": "libssh: Buffer underflow in ssh_get_hexa() on invalid input", "id": "2433121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433121"}, "csaw": false, "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, consider disabling GSSAPI authentication if it is not required, or reduce the `LogLevel` in the `sshd_config` file to a value lower than `SSH_LOG_PACKET` (e.g., `INFO`).\nTo disable GSSAPI authentication, add or modify the following line in `/etc/ssh/sshd_config`:\n`GSSAPIAuthentication no`\nTo reduce logging verbosity, add or modify the following line in `/etc/ssh/sshd_config`:\n`LogLevel INFO`\nAfter making changes to `sshd_config`, the `sshd` service must be restarted for the changes to take effect. This may temporarily interrupt active SSH sessions."}, "name": "CVE-2026-0966", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "libssh", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libssh2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libssh2", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "libssh", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "libssh", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-02-10T18:47:15Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-0966\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-0966"], "threat_severity": "Moderate"}

{}