openssh-7.4p1-23.0.3.0.1.el7.AXS7

エラータID: AXSA:2025-9844:01

Release date: 
Thursday, April 10, 2025 - 15:23
Subject: 
openssh-7.4p1-23.0.3.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

Security Fix(es):

* CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option
is enabled

CVE(s):
CVE-2025-26465
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Solution: 

Update packages.

CVEs: 
CVE-2025-26465
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Additional Info: 

N/A

Download: 

Asianux Server 7 for x86_64
  1. openssh-7.4p1-23.0.3.0.1.el7.AXS7.x86_64.rpm
    MD5: 27cf5e08b65505b3a8c75ce77258bc14
    SHA-256: 7e619b11da0c844db32fb6908e57741a670d965b08ed7b6909445ba6507632f4
    Size: 485.71 kB
  2. openssh-askpass-7.4p1-23.0.3.0.1.el7.AXS7.x86_64.rpm
    MD5: 35225d166c303294b8a45616f6945489
    SHA-256: 2cfc606efc76d0c0d7f36617607e5d307c1f2e3def56ff3c2779ac79c7414016
    Size: 77.16 kB
  3. openssh-clients-7.4p1-23.0.3.0.1.el7.AXS7.x86_64.rpm
    MD5: 75049d599cfebcb6167675501e45ada4
    SHA-256: 8831ca5515b43deb1151eb3ed026b2f027464b20a1ebc27067d731a41ea6be29
    Size: 655.86 kB
  4. openssh-keycat-7.4p1-23.0.3.0.1.el7.AXS7.x86_64.rpm
    MD5: 39bd3438111fcac999628f90dd71f7f2
    SHA-256: 3ea394dcf6445ddea9e45aab8d960a0c2aecd1d9374798df65549ec870436614
    Size: 97.50 kB
  5. openssh-server-7.4p1-23.0.3.0.1.el7.AXS7.x86_64.rpm
    MD5: 32ce270c4320aeaef4b32e8a96e83e0c
    SHA-256: 3c2536d4b5743d0817a57d5a11b9cc1c007976b7ce9dc22be53b567e9c0ab1b0
    Size: 459.80 kB