OpenSSH Vulnerabilities CVE-2025-26465 and CVE-2025-26466 Enable Man-in-the-Middle and DoS Attacks

On February 18, 2025, two critical vulnerabilities were disclosed in OpenSSH, a widely used secure networking utility suite. These flaws, identified as CVE-2025-26465 and CVE-2025-26466, pose significant security risks:

Discovery and Response

The vulnerabilities were uncovered by the Qualys Threat Research Unit (TRU). They affect OpenSSH client versions 6.8p1 through 9.9p1 and 9.5p1 through 9.9p1, respectively. The OpenSSH maintainers have addressed these issues in version 9.9p2, released on February 18, 2025.

Impact

• CVE-2025-26465: This vulnerability allows attackers to perform man-in-the-middle (MitM) attacks when the VerifyHostKeyDNS option is enabled. Exploitation could lead to unauthorized interception or tampering with SSH sessions. Notably, the VerifyHostKeyDNS option is disabled by default.
• CVE-2025-26466: This flaw enables pre-authentication denial-of-service (DoS) attacks, causing excessive memory and CPU consumption. Repeated exploitation can disrupt server management and lock out legitimate users.

Technical Details

CVE-2025-26465: MitM Attack via VerifyHostKeyDNS

The OpenSSH client relies on DNS-based verification when VerifyHostKeyDNS is enabled. This mechanism attempts to validate server host keys by retrieving SSHFP records from DNS. However, an attacker capable of performing an active MitM attack can exploit this feature by intercepting and modifying SSH key verification responses.

The core issue lies in how OpenSSH handles errors during the identity verification process. Specifically:

• The function verify_host_key_callback() processes the host key verification result. If verify_host_key()returns an error other than -1, the function incorrectly assumes success and proceeds with the connection.
• By inducing an out-of-memory (SSH_ERR_ALLOC_FAIL) condition within sshkey_from_private(), an attacker can manipulate the verification outcome, effectively bypassing host key validation.
• This flaw can be exploited regardless of whether the impersonated server has an SSHFP resource record.

While VerifyHostKeyDNS is disabled by default, it was enabled by default in FreeBSD systems from 2013 to 2023, increasing the risk for affected environments.

CVE-2025-26466: Asymmetric DoS via SSH Handshake Manipulation

This vulnerability arises from the way OpenSSH handles SSH handshake messages, particularly the SSH2_MSG_PING and SSH2_MSG_PONG exchange:

1. Memory Consumption Attack:
   • The attacker sends a stream of SSH2_MSG_PING packets.
   • Each received packet causes the server to generate an SSH2_MSG_PONG response, which is stored in memory before being transmitted.
   • During key exchange, these queued responses are not immediately processed, leading to an accumulation of unfreed memory.
   • This can exhaust system memory, resulting in a DoS condition.
2. CPU Consumption Attack:
   • When the key exchange completes, OpenSSH processes the stored SSH2_MSG_PONG packets in a highly inefficient manner.
   • Due to quadratic-time complexity (O(n^2)) in the buffer reallocation process, CPU usage skyrockets when handling large numbers of stored messages.
   • This can cause sustained high CPU load, preventing legitimate SSH connections from being established.
3. Mitigation Measures:
   • Server-side protections include configuring LoginGraceTime, MaxStartups, and PerSourcePenalties to limit abusive connection attempts.
   • However, OpenSSH clients remain vulnerable to memory exhaustion if interacting with a malicious server.

Recommended Actions

Organizations are advised to:

• Upgrade OpenSSH: Update to version 9.9p2 to mitigate these vulnerabilities.
• Review Configuration: Ensure that the VerifyHostKeyDNS option is disabled to prevent potential MitM attacks.
• Monitor Systems: Regularly check for unauthorized access attempts and unusual system behavior.

How Upwind Helps Protect Against CVE-2025-26465 and CVE-2025-26466

Upwind provides powerful tools to address and mitigate the risks associated with OpenSSH vulnerabilities.

1. Find Vulnerable Packages: Upwind identifies and monitors the use of OpenSSH client versions 6.8p1 through 9.9p1 and 9.5p1 through 9.9p1 in your environment. Using Upwind’s SBOM explorer, you can easily find affected packages and view which resources are using them.

2. Prioritize Risks: Understand the impact of these vulnerabilities in high-risk environments and prioritize upgrades or mitigations.

3. Continuous Monitoring: Upwind provides real-time detection of threats and potential exploits, guarding you again man-in-the-middle and DoS attacks.

Learn More

To learn more about how Upwind can help you rapidly locate packages affected by CVE-2025-26465 and CVE-2025-26466 or identify potential man-in-the-middle and DoS attacks, schedule a demo.