PT-2026-42707 · Red Hat+9 · Assisted Installer For Red Hat Openshift Container Platform 2+88
Nealpatel
·
Published
2026-05-22
·
Updated
2026-07-02
·
CVE-2026-39828
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
The product name cannot be determined (affected versions not specified)
Description
An issue exists where an SSH server authentication callback returning
PartialSuccessError with non-nil Permissions caused those permissions to be silently discarded. This could lead to the removal of certificate restrictions, such as force-command, following the successful completion of a second factor authentication.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Certificate Validation
Improper Preservation of Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Assisted Installer For Red Hat Openshift Container Platform 2
Builds For Red Hat Openshift
Confidential Compute Attestation
Cryostat 4
External Secrets Operator For Red Hat Openshift
Multicluster Engine For Kubernetes
Openshift Api For Data Protection
Openshift Pipelines
Openshift Serverless
Red Hat Advanced Cluster Management For Kubernetes 2
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security For Kubernetes 4.10
Red Hat Advanced Cluster Security For Kubernetes 4.9
Red Hat Ceph Storage 9
Red Hat Edge Manager 1
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Openshift
Red Hat Openshift Container Platform 4
Red Hat Openshift Dev Spaces
Red Hat Openshift Dev Workspaces Operator
Red Hat Openshift Gitops
Red Hat Openshift Virtualization 4
Red Hat Openshift For Windows Containers
Red Hat Openshift On Aws
Red Hat Openstack Platform 16.2
Red Hat Openstack Platform 17.1
Red Hat Openstack Platform 18.0
Red Hat Openshift Data Foundation 4
Red Hat Quay 3
Red Hat Trusted Artifact Signer
Security Profiles Operator
Zero Trust Workload Identity Manager
Zero Trust Workload Identity Manager - Tech Preview
Amazon-Ssm-Agent
Apko
Apptainer
Argo Cd
Argo Workflows
Buildah
Cadvisor
Calico
Calicoctl
Cert-Manager
Cert-Manager Operator For Red Hat Openshift
Cilium-Cli
Kubernetes Containerd
Cortex
Crypto++
Distribution
Docker-Cli-Buildx
Elastic-Beats
Elemental-Toolkit
Etcd
External-Secrets
Git-Bug
Golang-Go.Crypto
Golang.Org/X/Crypto
Golang.Org/X/Crypto/Ssh
Google-Guest-Agent
Google-Osconfig-Agent
Gostatsd
Grype
Helm
Helm-Operator
Istio
Kube-State-Metrics
Kube-Vip
Kubernetes-Csi-External-Provisioner-Fips
Kubernetes-Csi-External-Snapshotter-Fips
Lxd
Mcphost
Memcached-Exporter
Mongodb
Multicluster Engine For Kubernetes 2.6
Nats-Streaming
Osv-Scanner
Percona-Server-Mongodb-Operator
Podman
Rclone
Sealed-Secrets
Skopeo
Snapd
Spice-Server
Spire-Server-Fips
Trivy
Vault
Velociraptor