CVE-2026-0966 MEDIUM

CVE-2026-0966: Libssh: libssh: denial of service via zero-length input in ssh_get_hexa()

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-124
Published March 26, 2026
Last update May 19, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_PACKET (3)` or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process.

Key dates

02Disclosure timeline

March 26, 2026 CVE published
May 19, 2026 Record updated