8.2
CVE-2026-3497
- EPSS 2.18%
- Veröffentlicht 12.03.2026 18:27:44
- Zuletzt bearbeitet 30.06.2026 03:19:13
- Quelle security@ubuntu.com
- CVE-Watchlists
- Unerledigt
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version25.10
Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version22.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version24.04 SwEditionlts
Debian ≫ Debian Linux Version11.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.18% | 0.801 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| security@ubuntu.com | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
|
CWE-824 Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://ubuntu.com/security/CVE-2026-3497
https://www.openwall.com/lists/oss-security/2026/03/12/3
http://www.openwall.com/lists/oss-security/2026/03/12/3
http://www.openwall.com/lists/oss-security/2026/03/14/3
http://www.openwall.com/lists/oss-security/2026/03/14/4
http://www.openwall.com/lists/oss-security/2026/03/18/2
http://www.openwall.com/lists/oss-security/2026/03/18/4
http://www.openwall.com/lists/oss-security/2026/03/18/5
http://www.openwall.com/lists/oss-security/2026/03/18/7
https://lists.debian.org/debian-lts-announce/2026/04/msg00014.html
https://access.redhat.com/errata/RHSA-2026:10065
https://access.redhat.com/errata/RHSA-2026:13812
https://access.redhat.com/errata/RHSA-2026:12071
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:16008
https://access.redhat.com/errata/RHSA-2026:16009
https://access.redhat.com/errata/RHSA-2026:16030
https://access.redhat.com/errata/RHSA-2026:17596
https://access.redhat.com/errata/RHSA-2026:19725
https://access.redhat.com/errata/RHSA-2026:19724
https://access.redhat.com/errata/RHSA-2026:20040
https://access.redhat.com/errata/RHSA-2026:21690
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:10714
https://access.redhat.com/errata/RHSA-2026:13750
https://access.redhat.com/errata/RHSA-2026:14924
https://access.redhat.com/errata/RHSA-2026:15891
https://access.redhat.com/errata/RHSA-2026:15893
https://access.redhat.com/errata/RHSA-2026:20087
https://access.redhat.com/errata/RHSA-2026:21695
https://access.redhat.com/errata/RHSA-2026:5475
https://access.redhat.com/errata/RHSA-2026:6461
https://access.redhat.com/errata/RHSA-2026:6462
https://access.redhat.com/errata/RHSA-2026:6463
https://access.redhat.com/errata/RHSA-2026:7107
https://access.redhat.com/errata/RHSA-2026:9415
https://access.redhat.com/errata/RHSA-2026:9732
https://access.redhat.com/security/cve/CVE-2026-3497
https://bugzilla.redhat.com/show_bug.cgi?id=2447085
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3497.json