Red Hat Product Security has issued an advisory (RHSA-2026:18683) for multiple vulnerabilities in the libssh library used in Red Hat Enterprise Linux 9. The vulnerabilities include a double free in key export functions (CVE-2025-5351), use of uninitialized variable in privatekey_from_file() (CVE-2025-4878), write beyond bounds in binary to base64 conversion (CVE-2025-4877), null pointer dereference in key exchange session ID calculation (CVE-2025-8114), memory exhaustion via repeated key exchange (CVE-2025-8277), buffer underflow on invalid input (CVE-2026-0966), improper sanitation of SCP server paths (CVE-2026-0964), and several denial of service vulnerabilities via configuration file handling, inefficient regex processing, and malformed SFTP messages (CVE-2026-0965, CVE-2026-0967, CVE-2026-0968). These issues have been fixed in updated libssh packages for Red Hat Enterprise Linux 9. The advisory provides detailed instructions for applying the update.

The identified vulnerabilities in libssh could lead to memory corruption issues such as double free and buffer overflows, null pointer dereferences, memory exhaustion, improper input sanitization, and denial of service conditions. These issues may affect the stability and security of applications using libssh for SSH protocol implementation. The overall security impact is rated as moderate by Red Hat. There are no known exploits in the wild at this time.

Red Hat has released updated libssh packages for Red Hat Enterprise Linux 9 that address all listed vulnerabilities. Users should apply these official updates promptly following the guidance in the Red Hat advisory (RHSA-2026:18683) and the referenced update article (https://access.redhat.com/articles/11258). No additional mitigation steps are required beyond applying the vendor-provided patches.