GSSAPI Vulnerability in OpenSSH for Various Linux Distributions
CVE-2026-3497

2.7LOW

Key Information:

Vendor

Ubuntu

Status
Vendor
CVE Published:
12 March 2026

What is CVE-2026-3497?

CVE-2026-3497 is a vulnerability identified within the GSSAPI implementation of OpenSSH, affecting various Linux distributions, including Ubuntu. OpenSSH is widely used for secure remote communication and secure file transfer, employing encryption to protect data during transit. The identified vulnerability stems from the handling of error conditions during the GSSAPI key exchange process, particularly its use of sshpkt_disconnect(). This function's failure to terminate a process correctly can enable an attacker to exploit uninitialized connection variables, potentially leading to unpredictable and undefined behavior in the system. This flaw poses a significant risk, as it could allow an attacker to execute arbitrary code or compromise the security of the affected server environment.

Potential impact of CVE-2026-3497

  1. Unauthorized Access and Execution: The vulnerability may allow attackers to exploit the uninitialized variables, leading to unauthorized access to sensitive data or executing malicious code within the affected system, ultimately compromising the integrity of the server.

  2. System Stability and Reliability: Given that the vulnerability involves the potential for undefined behavior, systems may become unstable, leading to crashes or erratic behavior, affecting the reliability of critical services dependent on OpenSSH.

  3. Security Breach Risks: The successful exploitation of this vulnerability could facilitate further attacks, allowing adversaries to leverage compromised systems for additional infiltration, internal reconnaissance, or lateral movement within an organization's infrastructure.

Affected Version(s)

openssh 1:10.0p1-5ubuntu5 < 1:10.0p1-5ubuntu5.1

openssh 1:9.6p1-3ubuntu13 < 1:9.6p1-3ubuntu13.15

openssh 1:8.9p1-3 < 1:8.9p1-3ubuntu0.14

References

CVSS V4

Score:
2.7
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jeremy Brown
.