Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-0965 is a vulnerability in libssh where the software attempts to open arbitrary files during configuration parsing without restricting the file types. This means that if a local attacker provides a malicious configuration file or if the system is misconfigured, libssh might open dangerous files such as block devices, FIFOs, named pipes, or very large system files.

This improper handling can lead to a Denial of Service (DoS) condition because accessing these files can disrupt normal operations.

The vulnerability affects all configuration files loaded from default locations or parsed via specific libssh functions, including those included directly or through glob wildcards.

The fix for this issue involves restricting libssh to read only regular files and enforcing a maximum configuration file size limit of 16 MB.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by causing a Denial of Service (DoS) on systems using libssh. If exploited, the system may attempt to open inappropriate or dangerous files during configuration parsing, which can disrupt normal operations and potentially make the service unavailable.

Since the vulnerability requires local access or a misconfiguration to be exploited, it primarily affects environments where untrusted users can supply configuration files or where configuration files are not properly controlled.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking for the presence of malicious or misconfigured libssh configuration files that attempt to open arbitrary or non-regular files such as block devices, FIFOs, named pipes, or very large system files.

You can inspect the configuration files loaded by libssh, including those parsed by the functions ssh_config_parse_file() and ssh_bind_config_parse_file(), as well as any included files or those matched by glob wildcards.

Suggested commands to detect suspicious configuration files include:

• Find configuration files larger than 16 MB (the maximum allowed size): find /etc/ssh -type f -size +16M
• Check for symbolic links, block devices, FIFOs, or named pipes in configuration directories: find /etc/ssh \( -type b -o -type p -o -type l \)
• Review the contents of configuration files for suspicious include directives or unusual file references.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include restricting libssh to read only regular files and enforcing a maximum configuration file size limit of 16 MB.

Ensure that all libssh configuration files are properly validated and do not include or reference block devices, FIFOs, named pipes, or very large files.

Apply any available patches or updates that implement these restrictions and fixes.

Review and sanitize all configuration files to remove or correct any malicious or misconfigured entries.

Useful 0 Not Useful 0