CVE-2026-39835

EUVD-2026-31393
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
golangcrypto
𝑥
< 0.52.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
golang-go.crypto
bookworm
vulnerable
bullseye
postponed
forky
1:0.53.0-1
fixed
sid
1:0.53.0-1
fixed
trixie
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
amazon-ssm-agent
suse enterprise sap 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP7
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP7
3.3.4624.0-150000.5.37.1
fixed
apptainer
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
apptainer-sle15_6
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
buildah
suse enterprise sap 15 SP7
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP4
1.35.5-150400.3.68.1
fixed
suse enterprise server 15 SP5
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP6
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP7
1.35.5-150500.3.62.1
fixed
google-guest-agent
suse enterprise sap 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP7
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP7
20260529.00-150000.1.70.1
fixed
google-osconfig-agent
suse enterprise sap 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP7
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP7
20260615.01-150000.1.55.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
containerd
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debugsource
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
nerdctl
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
Amazon Linux 2023
0:2.2.2-1.amzn2023.0.3
fixed
nerdctl-debuginfo
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
rclone
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debuginfo
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debugsource
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
runfinch-finch
Amazon Linux 2023
0:1.17.1-1.amzn2023.0.2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
cert-manager
Azure Linux 3.0
0:1.12.15-8.azl3
fixed
docker-buildx
Azure Linux 3.0
0:0.14.0-15.azl3
fixed
docker-compose
Azure Linux 3.0
0:2.27.0-13.azl3
fixed
kubernetes
Azure Linux 3.0
0:1.30.10-25.azl3
fixed
kubevirt
Azure Linux 3.0
0:1.7.1-5.azl3
fixed
moby-engine
Azure Linux 3.0
0:25.0.3-18.azl3
fixed
packer
Azure Linux 3.0
0:1.9.5-14.azl3
fixed
telegraf
Azure Linux 3.0
0:1.31.0-23.azl3
fixed