[CLSA-2026:1783706054] openssh: Fix of CVE-2026-55653
Type:
security
Severity:
Moderate
Release date:
2026-07-10 17:54:33 UTC
Description:
- CVE-2026-55653: fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service
CVEs fixed:
Updated packages:
  • openssh-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:f56cf412cf1008018da60d224c08399561d68ca111c2f66f1124c744335a3976
  • openssh-askpass-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:3ca22b878e4bde2e54ead8d32df2b7dda689339193ed1a6e6351b6a255e6fe6a
  • openssh-clients-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:ce4545e7896fea84869815407e1e0c622bc458b94cd08c0d7a2cc7abdc468cfc
  • openssh-keycat-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:ff1c316564f951086fa8f46812871e1585094260b59b834dcfa37eaf7fb6d943
  • openssh-server-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:9b6f5558f039a436abe5cbd27789287a550f0be00a2a095cb3021bc518d3902e
  • openssh-sk-dummy-8.7p1-45.el9_6.tuxcare.els6.x86_64.rpm
    sha:351295a5a97e96d55e4b475a1198cda854c2492804631f5a26f5e5ba2733678a
  • pam_ssh_agent_auth-0.10.4-5.45.el9_6.tuxcare.els6.x86_64.rpm
    sha:11a535c4a0fa7c96d121a7ef1f0196b42778d94bd55b84d4e67165fbad8a6f6a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.