Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-26466

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

Published

2025-02-28T22:15:40.080

Last Modified

2025-05-27T16:15:31.100

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

Weaknesses

Type: Secondary
CWE-770
Type: Secondary
CWE-770

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	openbsd	openssh	9.5	Yes
Application	openbsd	openssh	9.6	Yes
Application	openbsd	openssh	9.6	Yes
Application	openbsd	openssh	9.7	Yes
Application	openbsd	openssh	9.7	Yes
Application	openbsd	openssh	9.8	Yes
Application	openbsd	openssh	9.8	Yes
Application	openbsd	openssh	9.9	Yes
Application	openbsd	openssh	9.9	Yes
Operating System	canonical	ubuntu_linux	24.04	Yes
Operating System	canonical	ubuntu_linux	24.10	Yes
Operating System	debian	debian_linux	11.0	Yes
Operating System	debian	debian_linux	12.0	Yes
Operating System	debian	debian_linux	13.0	Yes

References

https://access.redhat.com/security/cve/CVE-2025-26466 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2345043 Issue Tracking ([email protected])
https://seclists.org/oss-sec/2025/q1/144 ([email protected])
https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt Third Party Advisory ([email protected])
https://bugzilla.suse.com/show_bug.cgi?id=1237041 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security-tracker.debian.org/tracker/CVE-2025-26466 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20250228-0002/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://ubuntu.com/security/CVE-2025-26466 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2025/02/18/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2025/02/18/4 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)