Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and DoS attacks

According to the Qualys Threat Research Unit (TRU), the MiTM vulnerability tracked as CVE-2025-26465 was introduced in December 2014, just before the release of OpenSSH 6.8p1. In other words, it was discovered more than a decade later.

The bug affects OpenSSH clients with the VerifyHostKeyDNS option enabled and allows cybercriminals to deliver MiTM attacks.

“The attack against the OpenSSH client (CVE-2025-26465) succeeds regardless of whether the VerifyHostKeyDNS option is set to “yes” or “ask” (its default is “no”), requires no user interaction, and does not depend on the existence of an SSHFP resource record (an SSH fingerprint) in DNS,” – Qualys TRU.

If VerifyHostKeyDNS is enabled, incorrect error handling allows an attacker to trigger an Out of Memory error during verification; as a result, the client may accept a malicious key instead of the legitimate server’s key.

After intercepting an SSH connection and providing a SSH key with excessive certificate extensions, an attacker can exhaust the client’s memory, circumvent host verification, and hijack the session with the purpose to steal credentials, inject commands, or exfiltrate data.

Even though in OpenSSH the VerifyHostKeyDNS option is disabled by default, in FreeBSD, it was enabled by default from September 2013 and until March 2023.

The second vulnerability, CVE-2025-26466, enabling a pre-authentication denial-of-service attack first appeared in the OpenSSH version 9.5p1 released in August 2023. The issue occurs due to unlimited memory allocation during key exchange, which results in uncontrolled resource consumption.

To exploit this vulnerability, an unauthorized attacker can repeatedly send small (16 bytes) ping messages, thus, forcing OpenSSH to buffer 256-byte responses.

During the key exchange, these responses are stored indefinitely, which causes excessive memory consumption and CPU overload, which can result in a system crash.

The OpenSSH developers have already released version 9.9p2 where both vulnerabilities are fixed and strongly advise all users to upgrade as soon as possible. It is also recommended to disable VerifyHostKeyDNS if this feature isn’t essential.