CVE-2025-26465

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-26465
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-26465.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-26465
Downstream
Related
Published
2025-02-18T19:15:29Z
Modified
2025-09-10T13:11:50.954717Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

References

Affected packages

Alpine:v3.18 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.3_p2-r3

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r0
5.4_p1-r1
5.4_p1-r2
5.4_p1-r3
5.5_p1-r0
5.6_p1-r0
5.6_p1-r1
5.8_p1-r0
5.8_p1-r1
5.8_p1-r2
5.8_p2-r0
5.8_p2-r1
5.8_p2-r2
5.9_p1-r0
5.9_p1-r1
5.9_p1-r2

6.*

6.0_p1-r0
6.1_p1-r0
6.1_p1-r1
6.1_p1-r2
6.2_p1-r0
6.2_p2-r0
6.2_p2-r1
6.2_p2-r2
6.3_p1-r0
6.3_p1-r1
6.3_p1-r2
6.4_p1-r0
6.4_p1-r1
6.6_p1-r0
6.6_p1-r1
6.6_p1-r2
6.6_p1-r3
6.6_p1-r4
6.6_p1-r5
6.6_p1-r6
6.7_p1-r0
6.8_p1-r0
6.8_p1-r1
6.8_p1-r2
6.9_p1-r0
6.9_p1-r1
6.9_p1-r2
6.9_p1-r3
6.9_p1-r4
6.9_p1-r5

7.*

7.1_p1-r0
7.1_p1-r1
7.1_p2-r0
7.2_p1-r0
7.2_p2-r0
7.2_p2-r1
7.3_p1-r0
7.3_p1-r1
7.3_p1-r2
7.4_p1-r0
7.4_p1-r1
7.4_p1-r2
7.5_p1-r0
7.5_p1-r1
7.5_p1-r2
7.5_p1-r3
7.5_p1-r4
7.5_p1-r5
7.5_p1-r6
7.5_p1-r7
7.5_p1-r8
7.6_p1-r0
7.6_p1-r1
7.7_p1-r0
7.7_p1-r1
7.7_p1-r2
7.7_p1-r3
7.7_p1-r4
7.8_p1-r0
7.9_p1-r0
7.9_p1-r1
7.9_p1-r2
7.9_p1-r3
7.9_p1-r4
7.9_p1-r5

8.*

8.0_p1-r0
8.0_p1-r1
8.0_p1-r2
8.1_p1-r0
8.2_p1-r0
8.3_p1-r0
8.4_p1-r0
8.4_p1-r1
8.4_p1-r2
8.4_p1-r3
8.5_p1-r0
8.5_p1-r1
8.5_p1-r2
8.6_p1-r0
8.6_p1-r1
8.6_p1-r2
8.6_p1-r3
8.6_p1-r4
8.8_p1-r0
8.8_p1-r1
8.8_p1-r2
8.8_p1-r3
8.8_p1-r4
8.9_p1-r0

9.*

9.0_p1-r0
9.0_p1-r1
9.0_p1-r2
9.0_p1-r3
9.0_p1-r4
9.1_p1-r0
9.1_p1-r1
9.2_p1-r0
9.2_p1-r1
9.2_p1-r2
9.2_p1-r3
9.2_p1-r4
9.3_p1-r0
9.3_p1-r1
9.3_p1-r2
9.3_p1-r3
9.3_p2-r0
9.3_p2-r1
9.3_p2-r2

Alpine:v3.19 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.6_p1-r2

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r0
5.4_p1-r1
5.4_p1-r2
5.4_p1-r3
5.5_p1-r0
5.6_p1-r0
5.6_p1-r1
5.8_p1-r0
5.8_p1-r1
5.8_p1-r2
5.8_p2-r0
5.8_p2-r1
5.8_p2-r2
5.9_p1-r0
5.9_p1-r1
5.9_p1-r2

6.*

6.0_p1-r0
6.1_p1-r0
6.1_p1-r1
6.1_p1-r2
6.2_p1-r0
6.2_p2-r0
6.2_p2-r1
6.2_p2-r2
6.3_p1-r0
6.3_p1-r1
6.3_p1-r2
6.4_p1-r0
6.4_p1-r1
6.6_p1-r0
6.6_p1-r1
6.6_p1-r2
6.6_p1-r3
6.6_p1-r4
6.6_p1-r5
6.6_p1-r6
6.7_p1-r0
6.8_p1-r0
6.8_p1-r1
6.8_p1-r2
6.9_p1-r0
6.9_p1-r1
6.9_p1-r2
6.9_p1-r3
6.9_p1-r4
6.9_p1-r5

7.*

7.1_p1-r0
7.1_p1-r1
7.1_p2-r0
7.2_p1-r0
7.2_p2-r0
7.2_p2-r1
7.3_p1-r0
7.3_p1-r1
7.3_p1-r2
7.4_p1-r0
7.4_p1-r1
7.4_p1-r2
7.5_p1-r0
7.5_p1-r1
7.5_p1-r2
7.5_p1-r3
7.5_p1-r4
7.5_p1-r5
7.5_p1-r6
7.5_p1-r7
7.5_p1-r8
7.6_p1-r0
7.6_p1-r1
7.7_p1-r0
7.7_p1-r1
7.7_p1-r2
7.7_p1-r3
7.7_p1-r4
7.8_p1-r0
7.9_p1-r0
7.9_p1-r1
7.9_p1-r2
7.9_p1-r3
7.9_p1-r4
7.9_p1-r5

8.*

8.0_p1-r0
8.0_p1-r1
8.0_p1-r2
8.1_p1-r0
8.2_p1-r0
8.3_p1-r0
8.4_p1-r0
8.4_p1-r1
8.4_p1-r2
8.4_p1-r3
8.5_p1-r0
8.5_p1-r1
8.5_p1-r2
8.6_p1-r0
8.6_p1-r1
8.6_p1-r2
8.6_p1-r3
8.6_p1-r4
8.8_p1-r0
8.8_p1-r1
8.8_p1-r2
8.8_p1-r3
8.8_p1-r4
8.9_p1-r0

9.*

9.0_p1-r0
9.0_p1-r1
9.0_p1-r2
9.0_p1-r3
9.0_p1-r4
9.1_p1-r0
9.1_p1-r1
9.2_p1-r0
9.2_p1-r1
9.2_p1-r2
9.2_p1-r3
9.2_p1-r4
9.3_p1-r0
9.3_p1-r1
9.3_p1-r2
9.3_p1-r3
9.3_p1-r4
9.3_p1-r5
9.3_p1-r6
9.3_p1-r7
9.3_p2-r0
9.3_p2-r1
9.3_p2-r2
9.4_p1-r0
9.5_p1-r0
9.6_p1-r0
9.6_p1-r1

Alpine:v3.20 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.7_p1-r5

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r0
5.4_p1-r1
5.4_p1-r2
5.4_p1-r3
5.5_p1-r0
5.6_p1-r0
5.6_p1-r1
5.8_p1-r0
5.8_p1-r1
5.8_p1-r2
5.8_p2-r0
5.8_p2-r1
5.8_p2-r2
5.9_p1-r0
5.9_p1-r1
5.9_p1-r2

6.*

6.0_p1-r0
6.1_p1-r0
6.1_p1-r1
6.1_p1-r2
6.2_p1-r0
6.2_p2-r0
6.2_p2-r1
6.2_p2-r2
6.3_p1-r0
6.3_p1-r1
6.3_p1-r2
6.4_p1-r0
6.4_p1-r1
6.6_p1-r0
6.6_p1-r1
6.6_p1-r2
6.6_p1-r3
6.6_p1-r4
6.6_p1-r5
6.6_p1-r6
6.7_p1-r0
6.8_p1-r0
6.8_p1-r1
6.8_p1-r2
6.9_p1-r0
6.9_p1-r1
6.9_p1-r2
6.9_p1-r3
6.9_p1-r4
6.9_p1-r5

7.*

7.1_p1-r0
7.1_p1-r1
7.1_p2-r0
7.2_p1-r0
7.2_p2-r0
7.2_p2-r1
7.3_p1-r0
7.3_p1-r1
7.3_p1-r2
7.4_p1-r0
7.4_p1-r1
7.4_p1-r2
7.5_p1-r0
7.5_p1-r1
7.5_p1-r2
7.5_p1-r3
7.5_p1-r4
7.5_p1-r5
7.5_p1-r6
7.5_p1-r7
7.5_p1-r8
7.6_p1-r0
7.6_p1-r1
7.7_p1-r0
7.7_p1-r1
7.7_p1-r2
7.7_p1-r3
7.7_p1-r4
7.8_p1-r0
7.9_p1-r0
7.9_p1-r1
7.9_p1-r2
7.9_p1-r3
7.9_p1-r4
7.9_p1-r5

8.*

8.0_p1-r0
8.0_p1-r1
8.0_p1-r2
8.1_p1-r0
8.2_p1-r0
8.3_p1-r0
8.4_p1-r0
8.4_p1-r1
8.4_p1-r2
8.4_p1-r3
8.5_p1-r0
8.5_p1-r1
8.5_p1-r2
8.6_p1-r0
8.6_p1-r1
8.6_p1-r2
8.6_p1-r3
8.6_p1-r4
8.8_p1-r0
8.8_p1-r1
8.8_p1-r2
8.8_p1-r3
8.8_p1-r4
8.9_p1-r0

9.*

9.0_p1-r0
9.0_p1-r1
9.0_p1-r2
9.0_p1-r3
9.0_p1-r4
9.1_p1-r0
9.1_p1-r1
9.2_p1-r0
9.2_p1-r1
9.2_p1-r2
9.2_p1-r3
9.2_p1-r4
9.3_p1-r0
9.3_p1-r1
9.3_p1-r2
9.3_p1-r3
9.3_p1-r4
9.3_p1-r5
9.3_p1-r6
9.3_p1-r7
9.3_p2-r0
9.3_p2-r1
9.3_p2-r2
9.4_p1-r0
9.5_p1-r0
9.6_p1-r0
9.7_p1-r0
9.7_p1-r1
9.7_p1-r2
9.7_p1-r3
9.7_p1-r4

Alpine:v3.21 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.9_p2-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r0
5.4_p1-r1
5.4_p1-r2
5.4_p1-r3
5.5_p1-r0
5.6_p1-r0
5.6_p1-r1
5.8_p1-r0
5.8_p1-r1
5.8_p1-r2
5.8_p2-r0
5.8_p2-r1
5.8_p2-r2
5.9_p1-r0
5.9_p1-r1
5.9_p1-r2

6.*

6.0_p1-r0
6.1_p1-r0
6.1_p1-r1
6.1_p1-r2
6.2_p1-r0
6.2_p2-r0
6.2_p2-r1
6.2_p2-r2
6.3_p1-r0
6.3_p1-r1
6.3_p1-r2
6.4_p1-r0
6.4_p1-r1
6.6_p1-r0
6.6_p1-r1
6.6_p1-r2
6.6_p1-r3
6.6_p1-r4
6.6_p1-r5
6.6_p1-r6
6.7_p1-r0
6.8_p1-r0
6.8_p1-r1
6.8_p1-r2
6.9_p1-r0
6.9_p1-r1
6.9_p1-r2
6.9_p1-r3
6.9_p1-r4
6.9_p1-r5

7.*

7.1_p1-r0
7.1_p1-r1
7.1_p2-r0
7.2_p1-r0
7.2_p2-r0
7.2_p2-r1
7.3_p1-r0
7.3_p1-r1
7.3_p1-r2
7.4_p1-r0
7.4_p1-r1
7.4_p1-r2
7.5_p1-r0
7.5_p1-r1
7.5_p1-r2
7.5_p1-r3
7.5_p1-r4
7.5_p1-r5
7.5_p1-r6
7.5_p1-r7
7.5_p1-r8
7.6_p1-r0
7.6_p1-r1
7.7_p1-r0
7.7_p1-r1
7.7_p1-r2
7.7_p1-r3
7.7_p1-r4
7.8_p1-r0
7.9_p1-r0
7.9_p1-r1
7.9_p1-r2
7.9_p1-r3
7.9_p1-r4
7.9_p1-r5

8.*

8.0_p1-r0
8.0_p1-r1
8.0_p1-r2
8.1_p1-r0
8.2_p1-r0
8.3_p1-r0
8.4_p1-r0
8.4_p1-r1
8.4_p1-r2
8.4_p1-r3
8.5_p1-r0
8.5_p1-r1
8.5_p1-r2
8.6_p1-r0
8.6_p1-r1
8.6_p1-r2
8.6_p1-r3
8.6_p1-r4
8.8_p1-r0
8.8_p1-r1
8.8_p1-r2
8.8_p1-r3
8.8_p1-r4
8.9_p1-r0

9.*

9.0_p1-r0
9.0_p1-r1
9.0_p1-r2
9.0_p1-r3
9.0_p1-r4
9.1_p1-r0
9.1_p1-r1
9.2_p1-r0
9.2_p1-r1
9.2_p1-r2
9.2_p1-r3
9.2_p1-r4
9.3_p1-r0
9.3_p1-r1
9.3_p1-r2
9.3_p1-r3
9.3_p1-r4
9.3_p1-r5
9.3_p1-r6
9.3_p1-r7
9.3_p2-r0
9.3_p2-r1
9.3_p2-r2
9.4_p1-r0
9.5_p1-r0
9.6_p1-r0
9.7_p1-r0
9.7_p1-r1
9.7_p1-r2
9.7_p1-r3
9.8_p1-r0
9.8_p1-r1
9.9_p1-r0
9.9_p1-r1
9.9_p1-r2

Alpine:v3.22 / openssh

Package

Name
openssh
Purl
pkg:apk/alpine/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.9_p2-r0

Affected versions

5.*

5.1p1-r0
5.1_p1-r1
5.1_p1-r2
5.2_p1-r0
5.2_p1-r1
5.2_p1-r2
5.2_p1-r3
5.3_p1-r3
5.4_p1-r0
5.4_p1-r1
5.4_p1-r2
5.4_p1-r3
5.5_p1-r0
5.6_p1-r0
5.6_p1-r1
5.8_p1-r0
5.8_p1-r1
5.8_p1-r2
5.8_p2-r0
5.8_p2-r1
5.8_p2-r2
5.9_p1-r0
5.9_p1-r1
5.9_p1-r2

6.*

6.0_p1-r0
6.1_p1-r0
6.1_p1-r1
6.1_p1-r2
6.2_p1-r0
6.2_p2-r0
6.2_p2-r1
6.2_p2-r2
6.3_p1-r0
6.3_p1-r1
6.3_p1-r2
6.4_p1-r0
6.4_p1-r1
6.6_p1-r0
6.6_p1-r1
6.6_p1-r2
6.6_p1-r3
6.6_p1-r4
6.6_p1-r5
6.6_p1-r6
6.7_p1-r0
6.8_p1-r0
6.8_p1-r1
6.8_p1-r2
6.9_p1-r0
6.9_p1-r1
6.9_p1-r2
6.9_p1-r3
6.9_p1-r4
6.9_p1-r5

7.*

7.1_p1-r0
7.1_p1-r1
7.1_p2-r0
7.2_p1-r0
7.2_p2-r0
7.2_p2-r1
7.3_p1-r0
7.3_p1-r1
7.3_p1-r2
7.4_p1-r0
7.4_p1-r1
7.4_p1-r2
7.5_p1-r0
7.5_p1-r1
7.5_p1-r2
7.5_p1-r3
7.5_p1-r4
7.5_p1-r5
7.5_p1-r6
7.5_p1-r7
7.5_p1-r8
7.6_p1-r0
7.6_p1-r1
7.7_p1-r0
7.7_p1-r1
7.7_p1-r2
7.7_p1-r3
7.7_p1-r4
7.8_p1-r0
7.9_p1-r0
7.9_p1-r1
7.9_p1-r2
7.9_p1-r3
7.9_p1-r4
7.9_p1-r5

8.*

8.0_p1-r0
8.0_p1-r1
8.0_p1-r2
8.1_p1-r0
8.2_p1-r0
8.3_p1-r0
8.4_p1-r0
8.4_p1-r1
8.4_p1-r2
8.4_p1-r3
8.5_p1-r0
8.5_p1-r1
8.5_p1-r2
8.6_p1-r0
8.6_p1-r1
8.6_p1-r2
8.6_p1-r3
8.6_p1-r4
8.8_p1-r0
8.8_p1-r1
8.8_p1-r2
8.8_p1-r3
8.8_p1-r4
8.9_p1-r0

9.*

9.0_p1-r0
9.0_p1-r1
9.0_p1-r2
9.0_p1-r3
9.0_p1-r4
9.1_p1-r0
9.1_p1-r1
9.2_p1-r0
9.2_p1-r1
9.2_p1-r2
9.2_p1-r3
9.2_p1-r4
9.3_p1-r0
9.3_p1-r1
9.3_p1-r2
9.3_p1-r3
9.3_p1-r4
9.3_p1-r5
9.3_p1-r6
9.3_p1-r7
9.3_p2-r0
9.3_p2-r1
9.3_p2-r2
9.4_p1-r0
9.5_p1-r0
9.6_p1-r0
9.7_p1-r0
9.7_p1-r1
9.7_p1-r2
9.7_p1-r3
9.8_p1-r0
9.8_p1-r1
9.9_p1-r0
9.9_p1-r1
9.9_p1-r2

Debian:11 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:8.4p1-5+deb11u4

Affected versions

1:8.*

1:8.4p1-5
1:8.4p1-5+deb11u1
1:8.4p1-5+deb11u2
1:8.4p1-5+deb11u3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.2p1-2+deb12u5

Affected versions

1:9.*

1:9.2p1-2
1:9.2p1-2+deb12u1
1:9.2p1-2+deb12u2
1:9.2p1-2+deb12u3
1:9.2p1-2+deb12u4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.9p2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.9p2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/openssh/openssh-portable

Affected ranges

Type
GIT
Repo
https://github.com/openssh/openssh-portable
Events
Last affected
485bab886137bbf8b7ec8df82bd66dc6e5654371
Last affected
53a80baaebda180f46e6e8571f3ff800e1f5c496
Introduced
7de4b03a6e4071d454b72927ffaf52949fa34545
Last affected
6849957945754e6551e515f41e8cf3937cda222d
Last affected
9f82e5a9042f2d872e98f48a876fcab3e25dd9bb

Affected versions

Other

V_6_9_P1
V_7_0_P1
V_7_1_P1
V_7_2_P1
V_7_3_P1
V_7_4_P1
V_7_5_P1
V_7_6_P1
V_7_7_P1
V_7_8_P1
V_7_9_P1
V_8_0_P1
V_8_1_P1
V_8_2_P1
V_8_4_P1
V_8_5_P1
V_8_6_P1
V_8_7_P1
V_8_8_P1
V_8_9_P1
V_9_0_P1
V_9_1_P1
V_9_2_P1
V_9_3_P1
V_9_5_P1
V_9_6_P1
V_9_7_P1
V_9_8_P1
V_9_9_P1