CVE-2026-0966

Description

The API function ssh_get_hexa() is vulnerable when 0-length input is provided to it. This function is used internally in ssh_get_fingerprint_hash() and ssh_print_hexa() (deprecated), which are vulnerable to the same input (the length is provided by the calling application).

The function is also used internally in the GSSAPI code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely when the server allows GSSAPI authentication and logging verbosity is set to at least SSH_LOG_PACKET (3). This could cause a self-DoS of the per-connection daemon process.

Risk Information

Base Score: 6.5 (MODERATE)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS Score (Exploitation Probability): 0.0
