========================================================================== Ubuntu Security Notice USN-8532-1 July 13, 2026
libssh2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS Summary: Several security issues were fixed in libssh2. Software Description: - libssh2: Client-side C library implementing the SSH2 protocol Details: It was discovered that libssh2 incorrectly handled certain publickey subsystem attributes. A remote attacker controlling a malicious SSH server could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2026-58050) It was discovered that libssh2 did not properly initialize publickey list entries before parsing. A remote attacker controlling a malicious SSH server could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2026-58051) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libssh2-1t64 1.11.1-1ubuntu0.26.04.3 Ubuntu 24.04 LTS libssh2-1t64 1.11.0-4.1ubuntu0.24.04.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8532-1 CVE-2026-58050, CVE-2026-58051 Package Information: https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.26.04.3 https://launchpad.net/ubuntu/+source/libssh2/1.11.0-4.1ubuntu0.24.04.3
signature.asc
Description: OpenPGP digital signature
