Mageia Advisory: MGASA-2026-0227 - Updated sslh packages fix security vulnerabilities

Updated sslh packages fix security vulnerabilities

Publication date: 23 Jun 2026
Modification date: 23 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-46806 , CVE-2025-46807 , CVE-2025-52936

Description

CVE-2025-46806, A Use of Out-of-range Pointer Offset vulnerability in
sslh leads to denial of service on some architectures
CVE-2025-46807, A Allocation of Resources Without Limits or Throttling
vulnerability in sslh allows attackers to easily exhaust the file
descriptors in sslh and deny legitimate users service.
CVE-2025-52936, Improper Link Resolution Before File Access ('Link
Following') vulnerability in yrutschle sslh

References

https://bugs.mageia.org/show_bug.cgi?id=34345
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/7OYJB5CGFUQDS3Z3Y5EBCTJLLCFP33SZ/
https://www.openwall.com/lists/oss-security/2025/06/13/1
https://ubuntu.com/security/notices/USN-8360-1
https://www.cve.org/CVERecord?id=CVE-2025-46806
https://www.cve.org/CVERecord?id=CVE-2025-46807
https://www.cve.org/CVERecord?id=CVE-2025-52936

SRPMS

9/core

sslh-2.3.1-1.1.mga9

Advisories » MGASA-2026-0227

Updated sslh packages fix security vulnerabilities

Description

References

SRPMS

9/core