Full Report
OpenSSH has released security updates addressing two vulnerabilities, a man-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]
Analysis Summary
# Vulnerability: OpenSSH MiTM and DoS Flaws (CVE-2025-26465 & CVE-2025-26466)
## CVE Details
- **CVE ID:** CVE-2025-26465 (MiTM/Authentication Bypass)
- **CVE ID:** CVE-2025-26466 (Pre-authentication DoS)
- **CVSS Score:** Not explicitly provided, but based on context, **CVE-2025-26465** is high severity (MiTM/data theft) and **CVE-2025-26466** is high severity (Pre-auth DoS).
- **CWE:** Not explicitly provided.
## Affected Systems
- **Products:** OpenSSH (Both SSH client and server functionality are implicated, especially when `VerifyHostKeyDNS` is used).
- **Versions:**
- CVE-2025-26465: Affects versions where `VerifyHostKeyDNS` is enabled (Default behavior on FreeBSD from 2013 to 2023).
- CVE-2025-26466: Introduced in **OpenSSH 9.5p1** (Released August 2023).
- **Configurations:**
- CVE-2025-26465 requires the **`VerifyHostKeyDNS`** option to be enabled on the client side.
- CVE-2025-26466 is related to key exchange memory allocation mechanisms.
## Vulnerability Description
**CVE-2025-26465 (MiTM via DNS Verification Error Handling):**
This flaw exists due to improper error handling during SSH key verification when `VerifyHostKeyDNS` is active. An attacker can craft a large SSH key with excessive certificate extensions and force an out-of-memory error on the client during verification. This bypasses host verification, enabling the attacker to present a rogue server key, hijack the session, and perform credential theft or command injection. This does not require user interaction or the presence of an SSHFP record.
**CVE-2025-26466 (Pre-authentication Denial of Service):**
This vulnerability causes unrestricted memory allocation during the key exchange phase. An attacker can repeatedly send small (16-byte) ping messages which forces the server to buffer large (256-byte) responses indefinitely. This leads to excessive memory consumption and CPU overload, potentially resulting in a service crash before authentication occurs.
## Exploitation
- **Status:** PoC available (implied by research disclosure) for both, specifically citing the MiTM technique is possible.
- **Complexity:**
- CVE-2025-26465: Implies moderate complexity to time the memory exhaustion correctly.
- CVE-2025-26466: Low complexity (repeated small messages).
- **Attack Vector:** Network (Remote).
## Impact
| Impact | CVE-2025-26465 (MiTM) | CVE-2025-26466 (DoS) |
| :--- | :--- | :--- |
| **Confidentiality** | High (Credential theft, data exfiltration) | Low (Not directly applicable) |
| **Integrity** | High (Command injection) | Low (Data not altered) |
| **Availability** | Medium (Session hijack/disruption) | High (Service crash/unavailability) |
## Remediation
### Patches
- The OpenSSH team released **version 9.9p2**, which addresses both CVE-2025-26465 and CVE-2025-26466. Immediately upgrade to this version.
### Workarounds
1. **Disable `VerifyHostKeyDNS`:** Administrators are strongly recommended to disable the `VerifyHostKeyDNS` option unless its use is absolutely necessary, and instead rely on manual verification of host fingerprints.
2. **Connection Rate Limiting (DoS mitigation):** Enforce strict connection rate limits on SSH traffic to limit the ability of an attacker to rapidly send the trigger messages for the DoS attack.
3. **Monitoring:** Monitor SSH traffic for abnormal patterns during the key exchange phase.
## Detection
- **Indicators of Compromise:** High memory/CPU utilization on SSH servers, particularly during key exchange phases, correlating with numerous small connection attempts. Evidence of session hijacking where the host key was unexpectedly changed/accepted.
- **Detection Methods and Tools:** Network monitoring tools watching for high volumes of small, short-lived connection attempts targeting port 22 (or custom SSH ports). System monitoring tools detecting rapid resource exhaustion on the `sshd` process.
## References
- Vendor Advisory (OpenSSH Release Notes): hxxps://www.openssh.com/releasenotes.html
- Research Advisory (Qualys): hxxps://www.qualys.com/2025/02/18/openssh-mitm-dos.txt