
CVE-2025-26465 – Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled
https://notcve.org/view.php?id=CVE-2025-26465
18 Feb 2025 — A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. ssh(1) contains a logic error that allows an on-path attacker ... • https://github.com/rxerium/CVE-2025-26465 • CWE-390: Detection of Error Condition Without Action •

CVE-2024-39894 – Ubuntu Security Notice USN-6887-1
https://notcve.org/view.php?id=CVE-2024-39894
02 Jul 2024 — OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur. OpenSSH 9.5 a 9.7 anterior a 9.8 a veces permite ataques de sincronización contra la entrada de contraseña sin eco (por ejemplo, para su y Sudo) debido a un error lógico de ObscureKeystrokeTiming. De manera similar, podrían ocurrir otros ataques de sincronización contra... • http://www.openwall.com/lists/oss-security/2024/07/03/6 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVE-2024-6387 – Openssh: regresshion - race condition in ssh allows rce/dos
https://notcve.org/view.php?id=CVE-2024-6387
01 Jul 2024 — A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Se encontró una condición de ejecución del controlador de señales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anter... • https://packetstorm.news/files/id/179290 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-364: Signal Handler Race Condition •

CVE-2023-51767
https://notcve.org/view.php?id=CVE-2023-51767
24 Dec 2023 — OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. OpenSSH hasta 9.6, cuando se utilizan tipos comunes de DRAM, podría permitir row hammer attacks (para omitir la autenticación) porque el valor entero de autenticad... • https://access.redhat.com/security/cve/CVE-2023-51767 •

CVE-2023-51384 – Apple Security Advisory 03-07-2024-2
https://notcve.org/view.php?id=CVE-2023-51384
18 Dec 2023 — In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys. En ssh-agent en OpenSSH anterior a 9.6, ciertas restricciones de destino se pueden aplicar de forma incompleta. Cuando se especifican restricciones de destino durante la adición de claves privadas alojadas en PKCS#11, estas ... • http://seclists.org/fulldisclosure/2024/Mar/21 •

CVE-2023-51385 – openssh: potential command injection via shell metacharacters
https://notcve.org/view.php?id=CVE-2023-51385
18 Dec 2023 — In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. En ssh en OpenSSH anterior a 9.6, la inyección de comandos del sistema operativo puede ocurrir si un nombre de usuario o nombre de host tiene metacaracteres de shell, y un token de expansión hace referenci... • https://github.com/WOOOOONG/CVE-2023-51385 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •

CVE-2021-36368
https://notcve.org/view.php?id=CVE-2021-36368
12 Mar 2022 — An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not a... • https://bugzilla.mindrot.org/show_bug.cgi?id=3316 • CWE-287: Improper Authentication •

CVE-2019-25049
https://notcve.org/view.php?id=CVE-2019-25049
01 Jul 2021 — LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx). LibreSSL versiones 2.9.1 hasta 3.2.1, presenta una lectura fuera de límites en la función asn1_item_print_ctx (llamada desde asn1_template_print_ctx) • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13920 • CWE-125: Out-of-bounds Read •

CVE-2019-25048
https://notcve.org/view.php?id=CVE-2019-25048
01 Jul 2021 — LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print). LibreSSL versiones 2.9.1 hasta 3.2.1, presenta una lectura excesiva de búfer en la región heap de la memoria en la función do_print_ex (llamado desde asn1_item_print_ctx y ASN1_item_print) • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13914 • CWE-125: Out-of-bounds Read •