Gnoppix Security Announcement - 2026-06-25T16:00:47.103-04:00

Gnoppix Security Update: libssh2 Vulnerability Fix

GSA-6365-1 addresses a critical security flaw in libssh2, a library for SSH2 connections. Users of Gnoppix 23/25 and Gnoppix 25 must upgrade immediately.

What the Flaw Does

A heap-based buffer overflow occurs during SSH key exchange. An attacker can trigger it with a crafted server response, leading to remote code execution.

Critical warning: Exploitation requires no authentication—just connecting to a malicious SSH server.

Affected Systems

  • Gnoppix 23/25 (stable) and Gnoppix 25 (testing)
  • Older releases may also be vulnerable; users should upgrade.

Remediation Steps

  • Update the package: apt update && apt upgrade libssh2
  • Restart services using libssh2 (e.g., SSH clients, applications linking to it)
  • Verify version after update: dpkg -l libssh2
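
One way to find what the restart step above has to cover is to look for processes that still have the pre-upgrade library mapped. This is an added example, not part of the Gnoppix advisory; the function names, the optional PROC_ROOT argument and the sample tree (constructed data, not real output) are assumptions of the example.

```shell
#!/bin/sh
# Added example: report processes still mapping a libssh2 shared object that
# the upgrade replaced on disk. The kernel appends " (deleted)" to such
# mappings in /proc/<pid>/maps; those processes keep running the old code
# until they are restarted.

# stale_libssh2_pids [PROC_ROOT]
# PROC_ROOT is an assumption of this example (default /proc) so the scan can
# be pointed at a constructed tree. Prints "<pid> <command name>" per line.
stale_libssh2_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -Eq 'libssh2\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"; pid="${pid##*/}"
            name="$(cat "$proc_root/$pid/comm" 2>/dev/null || echo unknown)"
            printf '%s %s\n' "$pid" "$name"
        fi
    done
}

# Builds a constructed /proc-like tree in DIR (sample data, paths included).
make_sample_proc() {
    dir="$1"
    lib="/usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1"
    mkdir -p "$dir/101" "$dir/202" "$dir/303"
    # PID 101 started before the upgrade: its mapping is marked deleted.
    echo "git-remote-http" > "$dir/101/comm"
    echo "7f10a0000000-7f10a0040000 r-xp 00000000 08:01 1311 $lib (deleted)" > "$dir/101/maps"
    # PID 202 started after the upgrade: it maps the file now on disk.
    echo "curl" > "$dir/202/comm"
    echo "7f20b0000000-7f20b0040000 r-xp 00000000 08:01 1422 $lib" > "$dir/202/maps"
    # PID 303 does not use libssh2 at all.
    echo "bash" > "$dir/303/comm"
    echo "7f30c0000000-7f30c0020000 r-xp 00000000 08:01 1533 /usr/lib/x86_64-linux-gnu/libc.so.6" > "$dir/303/maps"
}

# Demo on the constructed tree; prints "101 git-remote-http".
demo_dir="$(mktemp -d)" && make_sample_proc "$demo_dir" && stale_libssh2_pids "$demo_dir"
rm -rf "$demo_dir"
```

On a real host, call stale_libssh2_pids with no argument as root after the upgrade; reading other users' /proc/<pid>/maps requires root, and unreadable entries are skipped silently.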

Background Details

The vulnerability was discovered internally and has a CVSS score of 9.8 (critical). The fix backports patches from upstream libssh2 versions. There are no known active exploits in the wild yet.

For full advisory details, refer to the Gnoppix Security Tracker. Please update your systems.