8.2

CVE-2026-3497

Medienbericht
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version25.10
OpenbsdOpenssh Version-
CanonicalUbuntu Linux Version20.04 SwEditionlts
CanonicalUbuntu Linux Version22.04 SwEditionlts
CanonicalUbuntu Linux Version24.04 SwEditionlts
DebianDebian Linux Version11.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.18% 0.801
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security@ubuntu.com 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 8.2 3.9 4.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CWE-824 Access of Uninitialized Pointer

The product accesses or uses a pointer that has not been initialized.

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
17.03.2026 22:19
https://ubuntu.com/security/CVE-2026-3497
Third Party Advisory
https://www.openwall.com/lists/oss-security/2026/03/12/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/12/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/14/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/14/4
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/18/2
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/18/4
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/18/5
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/03/18/7
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2026/04/msg00014.html
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2026:10065
https://access.redhat.com/errata/RHSA-2026:13812
https://access.redhat.com/errata/RHSA-2026:12071
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:16008
https://access.redhat.com/errata/RHSA-2026:16009
https://access.redhat.com/errata/RHSA-2026:16030
https://access.redhat.com/errata/RHSA-2026:17596
https://access.redhat.com/errata/RHSA-2026:19725
https://access.redhat.com/errata/RHSA-2026:19724
https://access.redhat.com/errata/RHSA-2026:20040
https://access.redhat.com/errata/RHSA-2026:21690
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:10714
https://access.redhat.com/errata/RHSA-2026:13750
https://access.redhat.com/errata/RHSA-2026:14924
https://access.redhat.com/errata/RHSA-2026:15891
https://access.redhat.com/errata/RHSA-2026:15893
https://access.redhat.com/errata/RHSA-2026:20087
https://access.redhat.com/errata/RHSA-2026:21695
https://access.redhat.com/errata/RHSA-2026:5475
https://access.redhat.com/errata/RHSA-2026:6461
https://access.redhat.com/errata/RHSA-2026:6462
https://access.redhat.com/errata/RHSA-2026:6463
https://access.redhat.com/errata/RHSA-2026:7107
https://access.redhat.com/errata/RHSA-2026:9415
https://access.redhat.com/errata/RHSA-2026:9732
https://access.redhat.com/security/cve/CVE-2026-3497
https://bugzilla.redhat.com/show_bug.cgi?id=2447085
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3497.json