NIXPKGS-2025-0001

published on 13 May 2025

Permalink CVE-2025-26466

updated 8 months, 3 weeks ago by @mweinelt Activity log

Created automatic suggestion 11 months ago
@fricklerhandwerk accepted 10 months, 3 weeks ago
@mweinelt published on GitHub 8 months, 3 weeks ago

Openssh: denial-of-service in openssh

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

Affected products

rhcos

OpenSSH

=<9.9p1

openssh

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

nixos-unstable 9.9p1
- nixpkgs-unstable 9.9p1
- nixos-unstable-small 9.9p1

pkgs.opensshTest

Implementation of the SSH protocol

nixos-unstable 9.9p1
- nixpkgs-unstable 9.9p1
- nixos-unstable-small 9.9p1

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

nixos-unstable 9.9p1
- nixpkgs-unstable 9.9p1
- nixos-unstable-small 9.9p1

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

nixos-unstable 9.9p1
- nixpkgs-unstable 9.9p1
- nixos-unstable-small 9.9p1

Package maintainers

@Conni2461 Simon Hauser <simon-hauser@outlook.com>
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
@dasJ Janne Heß <janne@hess.ooo>
@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@wahjava Ashish SHUKLA <ashish.is@lostca.se>

Nixpkgs Security Tracker