CVE-2026-55653

EUVD-2026-38412
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Processing Standards) mode known-group validation when the client processes attacker-controlled DH-GEX group parameters. Successful exploitation leads to client-side process termination, resulting in a Denial of Service (DoS).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Debian logo
Debian Releases
Debian Product
Codename
openssh
bookworm
undetermined
bookworm (security)
undetermined
bullseye
undetermined
bullseye (security)
undetermined
forky
undetermined
sid
undetermined
trixie
undetermined
trixie (security)
undetermined
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://access.redhat.com/security/cve/CVE-2026-55653
https://bugzilla.redhat.com/show_bug.cgi?id=2462351