{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-39830","assignerOrgId":"1bb62c36-49e3-4200-9d77-64a1400537cc","state":"PUBLISHED","assignerShortName":"Go","dateReserved":"2026-04-07T18:13:03.528Z","datePublished":"2026-05-22T02:31:27.208Z","dateUpdated":"2026-07-09T12:09:14.178Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1bb62c36-49e3-4200-9d77-64a1400537cc","shortName":"Go","dateUpdated":"2026-05-22T02:31:27.208Z"},"title":"Invoking  client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh","descriptions":[{"lang":"en","value":"A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded."}],"affected":[{"vendor":"golang.org/x/crypto","product":"golang.org/x/crypto/ssh","collectionURL":"https://pkg.go.dev","packageName":"golang.org/x/crypto/ssh","versions":[{"version":"0","lessThan":"0.52.0","status":"affected","versionType":"semver"}],"programRoutines":[{"name":"mux.SendRequest"},{"name":"mux.handleGlobalPacket"},{"name":"channel.handlePacket"},{"name":"channel.SendRequest"},{"name":"Client.Listen"},{"name":"Client.ListenTCP"},{"name":"Client.ListenUnix"},{"name":"Dial"},{"name":"NewClientConn"},{"name":"NewServerConn"},{"name":"Session.CombinedOutput"},{"name":"Session.Output"},{"name":"Session.RequestPty"},{"name":"Session.RequestSubsystem"},{"name":"Session.Run"},{"name":"Session.SendRequest"},{"name":"Session.Setenv"},{"name":"Session.Shell"},{"name":"Session.Signal"},{"name":"Session.Start"},{"name":"Session.WindowChange"},{"name":"tcpListener.Close"},{"name":"unixListener.Close"}],"defaultStatus":"unaffected"}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-833: Deadlock"}]}],"references":[{"url":"https://go.dev/issue/79564"},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI"},{"url":"https://go.dev/cl/781640"},{"url":"https://go.dev/cl/781664"},{"url":"https://pkg.go.dev/vuln/GO-2026-5017"}],"credits":[{"lang":"en","value":"NCC Group Cryptography Services, sponsored by Teleport"}]},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.1,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2026-05-22T18:54:26.306252Z","id":"CVE-2026-39830","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-22T18:54:54.686Z"}},{"affected":[{"cpes":["cpe:/a:redhat:edge_manager:1.0::el9"],"defaultStatus":"affected","product":"RHEM 1.0 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream (v. 10)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream (v. 8)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream (v. 9)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:devworkspace:0.42::el9"],"defaultStatus":"affected","product":"DevWorkspace Operator 0.42","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4.10::el8"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Security for Kubernetes 4.10","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4.11::el9"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Security for Kubernetes 4.11","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4.9::el8"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Security for Kubernetes 4.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:edge_manager:1.0::el9"],"defaultStatus":"affected","product":"Red Hat Edge Manager 1.0","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Builds 1.7.4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_artifact_signer:1.4::el9"],"defaultStatus":"affected","product":"Red Hat Trusted Artifact Signer 1.4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:assisted_installer:2"],"defaultStatus":"affected","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:cert_manager:1"],"defaultStatus":"affected","product":"cert-manager Operator for Red Hat OpenShift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:confidential_compute_attestation:1"],"defaultStatus":"affected","product":"Confidential Compute Attestation","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:external_secrets_operator:1"],"defaultStatus":"affected","product":"External Secrets Operator for Red Hat OpenShift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine"],"defaultStatus":"affected","product":"Multicluster Engine for Kubernetes","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_api_data_protection:1"],"defaultStatus":"affected","product":"OpenShift API for Data Protection","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_pipelines:1"],"defaultStatus":"affected","product":"OpenShift Pipelines","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:serverless:1"],"defaultStatus":"affected","product":"OpenShift Serverless","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Management for Kubernetes 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Security 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ceph_storage:9"],"defaultStatus":"affected","product":"Red Hat Ceph Storage 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:edge_manager:1"],"defaultStatus":"affected","product":"Red Hat Edge Manager 1","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"affected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3"],"defaultStatus":"affected","product":"Red Hat OpenShift Dev Spaces","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:windows_machine_config"],"defaultStatus":"affected","product":"Red Hat OpenShift for Windows Containers","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_gitops:1"],"defaultStatus":"affected","product":"Red Hat OpenShift GitOps","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_service_on_aws:1"],"defaultStatus":"affected","product":"Red Hat OpenShift on AWS","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:container_native_virtualization:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Virtualization 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:16.2"],"defaultStatus":"affected","product":"Red Hat OpenStack Platform 16.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:17.1"],"defaultStatus":"affected","product":"Red Hat OpenStack Platform 17.1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3"],"defaultStatus":"affected","product":"Red Hat Quay 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_artifact_signer:1"],"defaultStatus":"affected","product":"Red Hat Trusted Artifact Signer","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"],"defaultStatus":"affected","product":"Security Profiles Operator","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"],"defaultStatus":"affected","product":"Zero Trust Workload Identity Manager","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"],"defaultStatus":"affected","product":"Zero Trust Workload Identity Manager - Tech Preview","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:cryostat:4"],"defaultStatus":"unaffected","product":"Cryostat 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_data_foundation:4"],"defaultStatus":"unaffected","product":"Red Hat Openshift Data Foundation 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:18.0"],"defaultStatus":"unaffected","product":"Red Hat OpenStack Platform 18.0","vendor":"Red Hat"}],"datePublic":"2026-05-22T02:31:27.208Z","descriptions":[{"lang":"en","value":"A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-772","description":"Missing Release of Resource after Effective Lifetime","lang":"en","type":"CWE"}]}],"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-39830"},{"name":"RHBZ#2480684","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480684"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39830.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36796"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36199"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:37072"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:35833"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:29455"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36808"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36625"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36207"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36319"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36651"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36648"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36797"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:37271"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:37268"}],"solutions":[{"lang":"en","value":"RHSA-2026:36796: RHEM 1.0 for RHEL 9"},{"lang":"en","value":"RHSA-2026:36199: Red Hat Enterprise Linux AppStream (v. 10)"},{"lang":"en","value":"RHSA-2026:37072: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"},{"lang":"en","value":"RHSA-2026:35833: Red Hat Enterprise Linux AppStream (v. 8)"},{"lang":"en","value":"RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)"},{"lang":"en","value":"RHSA-2026:36808: DevWorkspace Operator 0.42"},{"lang":"en","value":"RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10"},{"lang":"en","value":"RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11"},{"lang":"en","value":"RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9"},{"lang":"en","value":"RHSA-2026:36651: Red Hat Edge Manager 1.0"},{"lang":"en","value":"RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"},{"lang":"en","value":"RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"},{"lang":"en","value":"RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4"},{"lang":"en","value":"RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4"}],"timeline":[{"lang":"en","time":"2026-05-22T04:01:38.517Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-05-22T02:31:27.208Z","value":"Made public."}],"title":"golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses","workarounds":[{"lang":"en","value":"To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"},"providerMetadata":{"orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP","dateUpdated":"2026-07-09T12:09:14.178Z"}}]}}