FKIE_CVE-2026-3497

Vulnerability from fkie_nvd - Published: 2026-03-12 19:16 - Updated: 2026-06-30 03:19
Summary
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.
References
security@ubuntu.comhttps://ubuntu.com/security/CVE-2026-3497Third Party Advisory
security@ubuntu.comhttps://www.openwall.com/lists/oss-security/2026/03/12/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/12/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/14/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/14/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/18/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/18/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/18/5Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2026/03/18/7Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2026/04/msg00014.htmlMailing List, Third Party Advisory
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:10065
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:10714
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:12071
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:13750
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:13812
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:14773
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:14924
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:15087
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:15891
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:15893
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:16008
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:16009
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:16030
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:16174
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:17596
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:19724
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:19725
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:20040
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:20087
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:21690
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:21695
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:25096
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:5475
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:6461
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:6462
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:6463
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:7107
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:9415
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:9732
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/security/cve/CVE-2026-3497
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://bugzilla.redhat.com/show_bug.cgi?id=2447085
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3497.json

{
  "affected": [
    {
      "affectedData": [
        {
          "collectionURL": "https://launchpad.net/ubuntu/",
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "openssh",
          "repo": "https://launchpad.net/ubuntu/+source/openssh",
          "vendor": "Ubuntu",
          "versions": [
            {
              "lessThan": "1:10.0p1-5ubuntu5.1",
              "status": "affected",
              "version": "1:10.0p1-5ubuntu5",
              "versionType": "dpkg"
            },
            {
              "lessThan": "1:9.6p1-3ubuntu13.15",
              "status": "affected",
              "version": "1:9.6p1-3ubuntu13",
              "versionType": "dpkg"
            },
            {
              "lessThan": "1:8.9p1-3ubuntu0.14",
              "status": "affected",
              "version": "1:8.9p1-3",
              "versionType": "dpkg"
            }
          ]
        }
      ],
      "source": "security@ubuntu.com"
    },
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "product": "Middleware Containers for OpenShift",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.19::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.19",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream (v. 10)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream (v. 8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.6::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AppStream (v. 9)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.6::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux BaseOS (v. 9)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.2::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat AI Inference Server 3.2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:hummingbird:1"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Hardened Images",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhui:5::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Update Infrastructure 5",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unknown",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "unknown",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "unknown",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        }
      ],
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:canonical:ubuntu_linux:25.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D57A0BE-7CC7-4986-9E91-650FE08B0D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BB9B2AD-A04E-4C93-9FAF-5DC02F69690B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "BF90B5A4-6E55-4369-B9D4-E7A061E797D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en el delta GSSAPI de OpenSSH incluida en varias distribuciones de Linux. Esta vulnerabilidad afecta a los parches GSSAPI a\u00f1adidos por varias distribuciones de Linux y no afecta al proyecto upstream de OpenSSH en s\u00ed. El uso de sshpkt_disconnect() en caso de error, que no termina el proceso, permite a un atacante enviar un tipo de mensaje GSSAPI inesperado durante el intercambio de claves GSSAPI al servidor, lo que llamar\u00e1 a la funci\u00f3n subyacente y continuar\u00e1 la ejecuci\u00f3n del programa sin establecer las variables de conexi\u00f3n relacionadas. Como las variables no se inicializan a NULL, el c\u00f3digo accede posteriormente a esas variables no inicializadas, accediendo a memoria aleatoria, lo que podr\u00eda llevar a un comportamiento indefinido. La soluci\u00f3n alternativa recomendada es usar ssh_packet_disconnect() en su lugar, que s\u00ed termina el proceso. El impacto de la vulnerabilidad depende en gran medida de la configuraci\u00f3n de endurecimiento de las banderas del compilador."
    }
  ],
  "id": "CVE-2026-3497",
  "lastModified": "2026-06-30T03:19:13.117",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security@ubuntu.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2026-3497",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-03-12T19:04:05.760026Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-03-12T19:16:19.910",
  "references": [
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://ubuntu.com/security/CVE-2026-3497"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2026/03/12/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/12/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/14/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/14/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/18/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/18/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/18/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2026/03/18/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00014.html"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:10065"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:10714"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:12071"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:13750"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:13812"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:14773"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:14924"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:15087"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:15891"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:15893"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:16008"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:16009"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:16030"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:16174"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:17596"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:19724"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:19725"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:20040"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:20087"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:21690"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:21695"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:25096"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:5475"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:6461"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:6462"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:6463"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:7107"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:9415"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:9732"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/security/cve/CVE-2026-3497"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447085"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3497.json"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "security@ubuntu.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-824"
        }
      ],
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…