Memory Consumption Vulnerability in OpenSSH by Red Hat
CVE-2025-26466
Key Information:
- Vendor: OpenBSD
- CVE Published: 28 February 2025
Summary
A flaw in the OpenSSH package allows attackers to abuse the server's memory management. When the SSH server receives a ping packet, it allocates a corresponding pong packet in a memory buffer and keeps it in a queue until the key exchange process is complete. A malicious client can exploit this by continuously sending ping packets, causing excessive memory consumption on the server and potentially making the service unavailable (a denial of service).
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
OpenSSH bugs allows Man-in-the-Middle and DoS Attacks
Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions.
OpenSSH flaws could enable man-in-the-middle attacks, denial of service
If the VerifyHostKeyDNS option is activated, an attacker could impersonate a server to hijack SSH sessions.
Proof-of-Concept Exploits Published for 2 New OpenSSH Bugs
Millions of servers are at risk from vulnerabilities in OpenSSH, a widely used, open source remote server management and file transfer tool. The flaws pose
References
EPSS Score
14% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- Vulnerability published
- Public PoC available
- Exploit known to exist
- First article discovered by The Register
- Vulnerability Reserved