Main Vulnerability Database SB2026060255

SB2026060255 - Red Hat Enterprise Linux 7 Extended Lifecycle Support update for openssh

Published: June 2, 2026

Security Bulletin ID SB2026060255

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper privilege management (CVE-ID: CVE-2026-35385)

CWE-ID: CWE-269 - Improper Privilege Management

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local privileged user to create files with unintended setuid or setgid bits.

The vulnerability exists due to improper privilege management in scp(1) when downloading files in legacy (-O) mode as root without the -p flag set. A local privileged user can download a file with crafted mode bits to create files with unintended setuid or setgid bits.

The issue occurs only in legacy mode and only when files are downloaded as root without preserving modes.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2026:22468