CVE-2025-58181

Published Nov 19, 2025

Last updated 5 months ago

CVSS medium 5.3
SSH

Overview

Description
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
Source
security@golang.org
NVD status
Analyzed
Products
crypto

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity
MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-770

Social media

Hype score
Not currently trending

  1. Critical #openSUSE Leap 16.0 docker-stable patch drops (2026-20366-1). Fixes CVE-2025-30204 (JWT parsing memory bomb, CVSS 8.7) and CVE-2025-58181. Read more: 👉 https://t.co/Amg4D0OmIw #Security https://t.co/DjhtmpXDLJ

    @Cezar_H_Linux

    18 Mar 2026

    116 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. New Docker vulnerability (CVE-2025-58181) patched in #SUSE Linux Micro 6.2. It's a moderate-severity memory exhaustion issue (CVSS 5.3). Unauthenticated remote attackers can potentially trigger it. Read more: 👉 https://t.co/g6gpfjsrU0 #Security https://t.co/NvaVJ9sPAK

    @Cezar_H_Linux

    5 Mar 2026

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Just 24hrs after CVE-2025-47913, CVE-2025-47914 and CVE-2025-58181 hit the @golang ecosystem, the team has remediated the CVEs across the entire @Docker Hardened Images catalog. It is nice to be fast but more importantly, this means security for our customers.

    @cdupuis

    21 Nov 2025

    70 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-58181 SSH Authentication Mechanism Parsing Vulnerability Leads ... https://t.co/ThYHrvdUei Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd

    @VulmonFeeds

    20 Nov 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.CVE-2026-35414
  2. In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).CVE-2026-35385
  3. Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.CVE-2026-3497
  4. A vulnerability allowing a low-privileged user to extract saved SSH credentials.CVE-2026-21670
  5. A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is considered difficult. The actual existence of this vulnerability is currently in question. Patch name: fdec3c90a15447bd538641d85e5a3e3ac981011d. To fix this issue, it is recommended to deploy a patch. The project maintainer explains: "Signature Malleability is not exploitable in SSH protocol. (...) [A] PoC doesn't exist for SSH implementation, but rather it's against the internal API."CVE-2026-3706

References

Sources include official advisories and independent security research.