Invoking memory leak when rejecting channels can lead to DoS...

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Description

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for garbage collection.

Basic Information

ID CVE-2026-39827

Source Go

Published May 22, 2026 at 02:31

Modified May 22, 2026 at 18:35

Affected Product

Vendor golang.org/x/crypto

Product golang.org/x/crypto/ssh

Affected Versions golang.org/x/crypto golang.org/x/crypto/ssh 0

References

{
    "lastseen": "",
    "description": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for garbage collection.",
    "published": "2026-05-22T02:31:27.064Z",
    "modified": "2026-05-22T18:35:40.472Z",
    "type": "cve",
    "title": "Invoking  memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh",
    "source": "Go",
    "references": "https://go.dev/issue/35127\nhttps://go.dev/cl/781320\nhttps://groups.google.com/g/golang-announce/c/a082jnz-LvI\nhttps://pkg.go.dev/vuln/GO-2026-5016",
    "id": "CVE-2026-39827",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "golang.org/x/crypto golang.org/x/crypto/ssh 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "golang.org/x/crypto/ssh",
    "version": "0",
    "vendor": "golang.org/x/crypto",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh_CVE-2026-39827

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply