OpenSSH 10.4 Released With Security Fixes and SSH Protocol Hardening
ID: 453878cb-9735-5d77-a76c-50b49b59eca5
STIX ID: report--453878cb-9735-5d77-a76c-50b49b59eca5
Feed Name: Cyber Press
OpenSSH 10.4 (10.4p1) was released on July 6, 2026, introducing transport protocol hardening that disconnects peers sending non-key-exchange messages during key re-exchange (closing a denial-of-service/resource-exhaustion vector), stricter seccomp and NO_NEW_PRIVS enforcement on Linux (now fatal if unsupported), and a change to sshd -G which emits mixed-case directives that may break automation; administrators should test automation and kernel support before upgrading and consider auditing other SSH implementations for RFC 4253 compliance.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
