Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:22648: Important: openssh security update

This Red Hat security advisory addresses five vulnerabilities in OpenSSH, including a high-severity privilege escalation via the legacy scp protocol (CVE-2026-35385, CVSS 7.5) and a security bypass via mishandling of authorized_keys principals (CVE-2026-35414, CVSS 4.2). According to NVD data, these vulnerabilities affect OpenBSD OpenSSH versions prior to 10.3, which is the fixed version. The update is rated Important and applies to multiple Red Hat Enterprise Linux 9.2 streams.

Red Hat Product Errata
RHSA-2026:22648 - Security Advisory
Issued: 2026-06-02
Updated: 2026-06-02

Synopsis
Important: openssh security update

Type/Severity
Security Advisory: Important

Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):
OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode (CVE-2026-35385)
OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option (CVE-2026-35414)
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage (CVE-2026-35387)
OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions (CVE-2026-35388)
OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username (CVE-2026-35386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x

Fixes
BZ - 2454469 - CVE-2026-35385 OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode
BZ - 2454490 - CVE-2026-35414 OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
BZ - 2454494 - CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
BZ - 2454500 - CVE-2026-35388 OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
BZ - 2454506 - CVE-2026-35386 OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

CVEs
CVE-2026-35385
CVE-2026-35386
CVE-2026-35387
CVE-2026-35388
CVE-2026-35414

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux Server - AUS 9.2
SRPM
openssh-8.7p1-30.el9_2.11.src.rpm
x86_64
openssh-8.7p1-30.el9_2.11.x86_64.rpm
openssh-askpass-8.7p1-30.el9_2.11.x86_64.rpm
openssh-askpass-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-clients-8.7p1-30.el9_2.11.x86_64.rpm
openssh-clients-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-debugsource-8.7p1-30.el9_2.11.x86_64.rpm
openssh-keycat-8.7p1-30.el9_2.11.x86_64.rpm
openssh-keycat-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-server-8.7p1-30.el9_2.11.x86_64.rpm
openssh-server-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.30.el9_2.11.x86_64.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.11.x86_64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2
SRPM
openssh-8.7p1-30.el9_2.11.src.rpm
ppc64le
openssh-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-askpass-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-askpass-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-clients-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-clients-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-debugsource-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-keycat-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-keycat-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-server-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-server-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
openssh-sk-dummy-debuginfo-8.7p1-30.el9_2.11.ppc64le.rpm
pam_ssh_agent_auth-0.10.4-5.30.el9_2.11.ppc64le.rpm
pam_ssh_agent_auth-debuginfo-0.10.4-5.30.el9_2.11.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2
SRPM
openssh-8.7p1-30.el9_2.11.src.rpm
x86_64
openssh-8.7p1-30.el9_2.11.x86_64.rpm
openssh-askpass-8.7p1-30.el9_2.11.x86_64.rpm
openssh-askpass-debuginfo-8.7p1-30.el9_2.11.x86_64.rpm
openssh-clients-8.7p1-30.el9_2.11.x86_
