CVE-2026-0967: Inefficient Regular Expression Complexity in Red Hat Red Hat Enterprise Linux 10
A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.
AI Analysis
Technical Summary
This vulnerability involves inefficient regular expression complexity in the match_pattern() function of libssh on Red Hat Enterprise Linux 10. A remote attacker controlling client configuration or known_hosts files can craft specific hostnames that cause excessive backtracking during pattern matching, resulting in timeouts and resource exhaustion. The attack vector is local (AV:L), requires high attack complexity (AC:H), low privileges (PR:L), and user interaction (UI:R). The impact is limited to denial of service (DoS) with no confidentiality or integrity loss.
Potential Impact
The impact is a denial of service condition on the client side due to resource exhaustion and timeouts caused by inefficient regex processing. There is no impact on confidentiality or integrity. The attack requires local access and user interaction, limiting its severity and exploitability. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-0967 for current remediation guidance. Since no explicit patch or workaround is mentioned in the advisory content provided, users should monitor Red Hat's official channels for updates. Avoid using untrusted or manipulated client configuration and known_hosts files to reduce exposure.
CVE-2026-0967: Inefficient Regular Expression Complexity in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves inefficient regular expression complexity in the match_pattern() function of libssh on Red Hat Enterprise Linux 10. A remote attacker controlling client configuration or known_hosts files can craft specific hostnames that cause excessive backtracking during pattern matching, resulting in timeouts and resource exhaustion. The attack vector is local (AV:L), requires high attack complexity (AC:H), low privileges (PR:L), and user interaction (UI:R). The impact is limited to denial of service (DoS) with no confidentiality or integrity loss.
Potential Impact
The impact is a denial of service condition on the client side due to resource exhaustion and timeouts caused by inefficient regex processing. There is no impact on confidentiality or integrity. The attack requires local access and user interaction, limiting its severity and exploitability. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-0967 for current remediation guidance. Since no explicit patch or workaround is mentioned in the advisory content provided, users should monitor Red Hat's official channels for updates. Avoid using untrusted or manipulated client configuration and known_hosts files to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-01-14T21:55:01.348Z
- Cvss Version
- 3.0
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-0967","vendor":"Red Hat"}]
Threat ID: 69c5a54c3c064ed76fcfc863
Added to database: 3/26/2026, 9:29:48 PM
Last enriched: 5/2/2026, 1:56:43 AM
Last updated: 5/11/2026, 5:19:23 AM
Views: 49
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.