Main Vulnerability Database SB2025042482

SB2025042482 - openEuler 24.03 LTS update for openssh

Published: April 24, 2025

Security Bulletin ID SB2025042482

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2025-26465)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect processing of user-supplied data in ssh(1). A remote attacker can perform server impersonation when VerifyHostKeyDNS enabled.

2) Protection mechanism failure (CVE-ID: CVE-2025-32728)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to software does not properly handle the DisableForwarding directive, which does not disable X11 forwarding and agent forwarding as documented. A remote user can bypass expected application's behavior and bypass implemented security restrictions.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1439

SB2025042482 - openEuler 24.03 LTS update for openssh

Breakdown by Severity

Description

Remediation

References

Please verify you're human