PT-2026-42711 · Openssh+2 · Openssh+2

Drakkan

·

Published

2026-05-22

·

Updated

2026-07-10

·

CVE-2026-39832

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description Constraint extensions, such as restrict-destination-v00@openssh.com, were not serialized in requests when adding a key to a remote agent. This caused destination restrictions to be silently stripped during key forwarding, which allowed the key to be used without restrictions on the remote host. Furthermore, the in-memory keyring returned by the NewKeyring() function silently ignored keys with unsupported constraint extensions.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Deserialization of Untrusted Data

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:35833
ALSA-2026:36199
ALSA-2026:37123
ALSA-2026:37410
CLEANSTART-2026-AP10784
CLEANSTART-2026-BA41349
CLEANSTART-2026-BP02821
CLEANSTART-2026-BX78383
CLEANSTART-2026-CH64198
CLEANSTART-2026-CL67452
CLEANSTART-2026-CN27900
CLEANSTART-2026-CP20786
CLEANSTART-2026-EA12165
CLEANSTART-2026-EU52554
CLEANSTART-2026-FA38569
CLEANSTART-2026-IH16568
CLEANSTART-2026-KJ72865
CLEANSTART-2026-KZ96078
CLEANSTART-2026-MI06133
CLEANSTART-2026-MO16862
CLEANSTART-2026-MR08661
CLEANSTART-2026-NT30039
CLEANSTART-2026-NU38786
CLEANSTART-2026-PF69993
CLEANSTART-2026-QN97697
CLEANSTART-2026-QU83011
CLEANSTART-2026-RE02723
CLEANSTART-2026-RL64341
CLEANSTART-2026-RQ86436
CLEANSTART-2026-SW10568
CLEANSTART-2026-VD09973
CLEANSTART-2026-VD47610
CLEANSTART-2026-VO11205
CLEANSTART-2026-VX15911
CLEANSTART-2026-WA48911
CLEANSTART-2026-WF25734
CLEANSTART-2026-WS85269
CLEANSTART-2026-XV65906
CLEANSTART-2026-YG71543
CLEANSTART-2026-YK91867
CLEANSTART-2026-YY48565
CVE-2026-39832
GHSA-F5WC-C3C7-36MC
GO-2026-5006
OPENSUSE-SU-2026:10842-1
OPENSUSE-SU-2026:10845-1
OPENSUSE-SU-2026:10856-1
OPENSUSE-SU-2026:10949-1
OPENSUSE-SU-2026:11126-1
OPENSUSE-SU-2026:20834-1
OPENSUSE-SU-2026:20838-1
OPENSUSE-SU-2026:20902-1
OPENSUSE-SU-2026:20956-1
OPENSUSE-SU-2026:21069-1
OPENSUSE-SU-2026:21079-1
OPENSUSE-SU-2026:21084-1
OPENSUSE-SU-2026:21120-1
OPENSUSE-SU-2026:21210-1
OPENSUSE-SU-2026:21244-1
OPENSUSE-SU-2026:21251-1
RHSA-2026:35833
RHSA-2026:36199
RHSA-2026:36796
RHSA-2026:37072
RHSA-2026:37123
RHSA-2026:37410
SUSE-SU-2026:22065-1
SUSE-SU-2026:22074-1
SUSE-SU-2026:22157-1
SUSE-SU-2026:22159-1
SUSE-SU-2026:22193-1
SUSE-SU-2026:22226-1
SUSE-SU-2026:22242-1
SUSE-SU-2026:22249-1
SUSE-SU-2026:22376-1
SUSE-SU-2026:22423-1
SUSE-SU-2026:22442-1
SUSE-SU-2026:22451-1
SUSE-SU-2026:22516-1
SUSE-SU-2026:2467-1
SUSE-SU-2026:2468-1
SUSE-SU-2026:2581-1
SUSE-SU-2026:2609-1
SUSE-SU-2026:2611-1
SUSE-SU-2026:2612-1
SUSE-SU-2026:2665-1
SUSE-SU-2026:2706-1
SUSE-SU-2026:2733-1
SUSE-SU-2026:2824-1
SUSE-SU-2026:2827-1
USN-8447-1

Affected Products

Linuxmint
Openssh
Ubuntu