PT-2026-51473 · Red Hat · Red Hat Enterprise Linux 10+6
Published
2026-06-23
·
Updated
2026-06-23
·
CVE-2026-55655
CVSS v3.1
5.0
Medium
| Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N |
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Hardened Images
Red Hat Openshift Container Platform 4