ALSA-2026:6462

[ALSA-2026:6462] Important: openssh security update

Type:

security

Severity:

important

Release date:

2026-04-09

Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.  

Security Fix(es):  

  * openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables (CVE-2026-3497)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	pam_ssh_agent_auth-0.10.4-5.48.el9_7.alma.1.aarch64.rpm	0e1c52087c71f2b40a434571f80790a6b40dabd80d1635c007b754583e83d729
aarch64	openssh-8.7p1-48.el9_7.alma.1.aarch64.rpm	0fe9401e236060b2d275381d51a47ecb805d05268116a6358a0f8ca312090e3e
aarch64	openssh-keycat-8.7p1-48.el9_7.alma.1.aarch64.rpm	1f3b40338dea873934fa4ac2a7a1be63dbaff93121c85eadc57908d6375a9ef0
aarch64	openssh-askpass-8.7p1-48.el9_7.alma.1.aarch64.rpm	31efe5009e564dea1c3ab40adfd4f352ba2eb00b9e72f76aee177a0301eab323
aarch64	openssh-server-8.7p1-48.el9_7.alma.1.aarch64.rpm	4526a14a225e7cde68a877df28a664390d219f1e7725019db230e39da2d6ce14
aarch64	openssh-clients-8.7p1-48.el9_7.alma.1.aarch64.rpm	ac4e82b3a547c4be3517278ebd1ac0cdae79b0c3bc7f7bc54b8bbb718fb00164
ppc64le	openssh-keycat-8.7p1-48.el9_7.alma.1.ppc64le.rpm	28f22200017e9a3e38d63db6b42467ece9bf5b69602496115e3d6a31c41309fc
ppc64le	pam_ssh_agent_auth-0.10.4-5.48.el9_7.alma.1.ppc64le.rpm	2bc6d04001a7803f3e76b88c3ca665bfd1f33aed5202da6dcad77096e77c6596
ppc64le	openssh-server-8.7p1-48.el9_7.alma.1.ppc64le.rpm	4555bac16405cbfd5873ea8ab60584d0c4e017c1a858b5a8192886f07f00e2bd
ppc64le	openssh-clients-8.7p1-48.el9_7.alma.1.ppc64le.rpm	94105eeadfe332ebf1cb2f63ad3f988913da91d8872953978a4c277410ad313b
ppc64le	openssh-8.7p1-48.el9_7.alma.1.ppc64le.rpm	bf792531ddbfbdf396775a826577dc2f8a6b0e9f64c9cb6825d8dc878c7d95eb
ppc64le	openssh-askpass-8.7p1-48.el9_7.alma.1.ppc64le.rpm	e8fd5a8062670776521473626150d9c677bd790434c94320c3b10584ce8d2efa
s390x	openssh-server-8.7p1-48.el9_7.alma.1.s390x.rpm	2aaeb19bfac172b9002e2e74df55af60d65e5e957c4d4ef8750084677efb772e
s390x	openssh-clients-8.7p1-48.el9_7.alma.1.s390x.rpm	3365f0d3b7dee8b4a527924694800e0d0cad18722c0ad11be8b0cbbed3b66310
s390x	pam_ssh_agent_auth-0.10.4-5.48.el9_7.alma.1.s390x.rpm	396addbc72cb262cee2c126a0fcca8b15c402dffd467638b54820156f241327c
s390x	openssh-askpass-8.7p1-48.el9_7.alma.1.s390x.rpm	65c963d891e7e79753c201e9ad7d149e88498b8bd88c42b62e922bd7b9f92182
s390x	openssh-keycat-8.7p1-48.el9_7.alma.1.s390x.rpm	b68e1d14d59ed6e0b76442d7ac1b260228d82719fdd26719a3652be3004204a0
s390x	openssh-8.7p1-48.el9_7.alma.1.s390x.rpm	dfc338408bf802e50257ab5e90b6db1b4fc292b12ace1130c9c639184f9e500d
x86_64	openssh-askpass-8.7p1-48.el9_7.alma.1.x86_64.rpm	4218bd15cb0cf9e92aa02dfc70da5ffdb5a4ae25f041453eab2010bf2e9cbef1
x86_64	openssh-keycat-8.7p1-48.el9_7.alma.1.x86_64.rpm	7242df0fa12b74cc779f911c4d1cd335ae9df9f4e4e20ecc19f20d9ceb466062
x86_64	openssh-clients-8.7p1-48.el9_7.alma.1.x86_64.rpm	7acfa281d5f89f46e2681750469762231d04b13a7569356e0a95b92dec7a054c
x86_64	pam_ssh_agent_auth-0.10.4-5.48.el9_7.alma.1.x86_64.rpm	9efdaee740dd92b3af1ea3bf04a8e88256c6f8ec294dfde1b3c8ce78f3794fea
x86_64	openssh-server-8.7p1-48.el9_7.alma.1.x86_64.rpm	ba22ddf5ad1e8238eaee653667c056dc39cf8687ab1e53db4d4700bcb9fb76a1
x86_64	openssh-8.7p1-48.el9_7.alma.1.x86_64.rpm	cd0a38e18485631353637f3139495f93b54417dfcf744f4a6ea02d91816679af

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.