[CLSA-2026:1783694178] openssh: Fix of CVE-2026-55653
Type:
security
Severity:
Moderate
Release date:
2026-07-10 14:36:35 UTC
Description:
- CVE-2026-55653: fix double free in the DH-GEX client path during FIPS known-group validation that leads to a client-side denial of service
CVEs fixed:
Updated packages:
  • openssh-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:0771161146318afa80987cf967ce0290f6f8a8a5d3195dea36a3aaa53324600c
  • openssh-askpass-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:01bb2373d6ceca2ab1ab77cc6fc24e3791dba226b663b5cc4e7bd43d9474d89c
  • openssh-clients-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:8b864f314f8c0271483dfa42b9ccf5511ecc95dcdc3d65b61f37412f71e28ea7
  • openssh-keycat-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:e377a15d4be7e04068508967cae9ce3ec12329711791896f79bd84eef3de0092
  • openssh-server-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:44b3219687b7767d6704e911674b716710d3020f301316272f3767723c4e70ff
  • openssh-sk-dummy-8.7p1-30.el9_2.tuxcare.els13.x86_64.rpm
    sha:d16dcc512c6181da73d4765db7fc8bf283ebc91636badce9956a1cf2cf4ebf1b
  • pam_ssh_agent_auth-0.10.4-5.30.el9_2.tuxcare.els13.x86_64.rpm
    sha:0333b14650d2c05acdb33070eaffd4b5ce3f2738bfae902fae5888c0095492d6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.