Fedora Account System
Red Hat Associate
Red Hat Customer
A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:29455 https://access.redhat.com/errata/RHSA-2026:29455
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:35833 https://access.redhat.com/errata/RHSA-2026:35833
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:36199 https://access.redhat.com/errata/RHSA-2026:36199
This issue has been addressed in the following products: RHEM 1.0 for RHEL 9 Via RHSA-2026:36796 https://access.redhat.com/errata/RHSA-2026:36796
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:37072 https://access.redhat.com/errata/RHSA-2026:37072
This issue has been addressed in the following products: RHEM 1.1 for RHEL 10 RHEM 1.1 for RHEL 9 Via RHSA-2026:41019 https://access.redhat.com/errata/RHSA-2026:41019