Jan 2, 2026·7 min read·26 visits
OpenSSL trusted the user-supplied length field in Heartbeat packets without verifying the actual payload size. This allowed attackers to 'over-read' the heap, leaking sensitive data like SSL private keys and user passwords. It affected nearly two-thirds of the internet upon disclosure.
A catastrophic missing bounds check in the OpenSSL Heartbeat extension allowed remote attackers to read up to 64KB of process memory, exposing private keys, session tokens, and user credentials.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Product | Affected Versions | Fixed Version |
|---|---|---|
OpenSSL OpenSSL Software Foundation | 1.0.1 - 1.0.1f | 1.0.1g |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-126 (Buffer Over-read) |
| CVSS Score | 7.5 (High) |
| Attack Vector | Network |
| EPSS Score | 94.47% |
| Exploit Status | Active / Weaponized |
| Impact | Information Disclosure (Critical) |
The software reads from a buffer using length parameters that attacker can control, allowing access to memory outside the intended buffer.
A Denial of Service (DoS) vulnerability exists in the Go SSH implementation package (golang.org/x/crypto/ssh). The vulnerability is caused by a null pointer dereference (runtime panic) when CertChecker is utilized as a public key callback but its validation fields, IsUserAuthority or IsHostAuthority, are uninitialized.
An unbounded memory leak vulnerability in the Go SSH package (golang.org/x/crypto/ssh) allows authenticated users to crash the server by repeatedly requesting connection channels that are rejected, leading to system resource exhaustion.
A denial-of-service (DoS) and resource leak vulnerability in the Go SSH package (golang.org/x/crypto/ssh) allows a malicious peer to permanently deadlock connection processing loops and leak memory. This issue stems from improper handling of unsolicited responses at the global and channel layers, which saturate internal bounded channel buffers and block the main multiplexer loop. The vulnerability is fully resolved in version 0.52.0.
A high-severity Denial of Service (DoS) vulnerability exists in the golang.org/x/crypto/ssh package prior to version 0.52.0. The vulnerability is caused by a lack of size and range validation on incoming RSA and DSA public key parameters during SSH authentication. An unauthenticated attacker can submit a crafted public key with pathologically large parameters, triggering intensive CPU computation during signature verification and leading to a complete Denial of Service.
An authentication bypass vulnerability was identified in the golang.org/x/crypto/ssh package. The library's verification logic for FIDO/U2F security keys failed to check the User Presence (UP) flag. This omission allows an attacker with access to a hardware token interface or an agent-forwarding socket to authenticate without physical user interaction.
A critical vulnerability exists in the Go SSH sub-repository (golang.org/x/crypto/ssh) before version 0.52.0. When an application writes payloads of 4GB or larger in a single write operation, integer truncation in the remote window calculation causes an infinite loop. This results in complete CPU core exhaustion and a denial-of-service condition.