PT-2025-7168 · Openssh+13
Published 2025-02-17 · Updated 2026-04-09
CVE-2025-26465
CVSS v2.0: 7.1 (High)
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
OpenSSH versions 6.8p1 through 9.9p1
Description
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled, allowing a machine-in-the-middle attack in which a malicious machine impersonates a legitimate server. The issue stems from how OpenSSH mishandles error codes under specific conditions while verifying the host key. For the attack to succeed, the attacker must first exhaust the client's memory resources, which makes the attack complexity high. The vulnerability enables credential theft, data breaches, and unauthorized access, and may lead to compliance violations.
Recommendations
For OpenSSH versions 6.8p1 through 9.9p1, update to OpenSSH 9.9p2 or later to fix the vulnerability. As a temporary workaround, consider disabling the VerifyHostKeyDNS option until a patch is available. Restrict access to SSH traffic and monitor for abnormal patterns to stop potential attacks early. Enforce strict connection rate limits to prevent denial-of-service attacks.
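A small audit helper for the two conditions the recommendation hinges on (a build in the affected range and VerifyHostKeyDNS turned on), added here as an example and not part of the advisory or of OpenSSH itself; it assumes `ssh -V` output and the text of an ssh_config as inputs, and the sample values are constructed.

```python
import re

# Affected range stated in the advisory: OpenSSH 6.8p1 through 9.9p1 (fixed in 9.9p2).
AFFECTED_MIN, AFFECTED_MAX = (6, 8, 1), (9, 9, 1)
_VERSION_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)p(\d+)")
_OPTION_RE = re.compile(r"^\s*(\w+)\s*[=\s]\s*(.+?)\s*$")

def parse_openssh_version(banner):
    """(major, minor, patchlevel) from `ssh -V` output or a server banner; only
    portable OpenSSH carries the 'pN' suffix the advisory's range uses, else None."""
    m = _VERSION_RE.search(banner)
    return tuple(int(x) for x in m.groups()) if m else None

def version_is_affected(banner):
    """True inside 6.8p1..9.9p1, False outside it, None when unparseable."""
    v = parse_openssh_version(banner)
    return None if v is None else AFFECTED_MIN <= v <= AFFECTED_MAX

def dns_hostkey_blocks(config_text):
    """Host/Match blocks of an ssh_config that turn on VerifyHostKeyDNS, as
    [(block_header, value)]; 'yes' and 'ask' both consult SSHFP records."""
    enabled, block = [], "(global)"  # lines before any Host/Match apply to all hosts
    for raw in config_text.splitlines():
        m = _OPTION_RE.match(raw.split("#", 1)[0])  # keywords are case-insensitive
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip('"').lower()
        if key in ("host", "match"):
            block = f"{m.group(1)} {m.group(2)}"
        elif key == "verifyhostkeydns" and value in ("yes", "ask"):
            enabled.append((block, value))
    return enabled

def audit(banner, config_text):
    """Exposure requires an affected build AND the option enabled somewhere."""
    affected, blocks = version_is_affected(banner), dns_hostkey_blocks(config_text)
    return {"version_affected": affected, "verifyhostkeydns": blocks,
            "exposed": bool(affected) and bool(blocks)}

# Constructed sample input (not from a real host): `ssh -V` output and an ssh_config.
SAMPLE_BANNER = "OpenSSH_9.9p1, OpenSSL 3.0.13 30 Jan 2024"
SAMPLE_CONFIG = """Host bastion.example.internal
    VerifyHostKeyDNS yes   # relies on SSHFP records
Host *
    VerifyHostKeyDNS=no
"""

if __name__ == "__main__":
    print(audit(SAMPLE_BANNER, SAMPLE_CONFIG))
```

Run against a real client with `ssh -V 2>&1` and the contents of /etc/ssh/ssh_config and ~/.ssh/config; a result with "exposed" set means the update or the workaround above still needs to be applied.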
Exploit · Fix · DoS
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
FreeBSD
IBM AIX
Linux Mint
Apple macOS
OpenSSH
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu