Skip to main content

golang.org/x/crypto CVE-2026-39835

| EUVDEUVD-2026-31393 MEDIUM
Improper Certificate Validation (CWE-295)
2026-05-22 Go GHSA-78mq-xcr3-xm33
5.3
CVSS 3.1 · Vendor: Go
Share

Severity by source

Vendor (Go) PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SUSE
MEDIUM
qualitative

Primary rating from Vendor (Go).

CVSS VectorVendor: Go

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Analysis Generated
May 28, 2026 - 15:08 vuln.today
CVSS changed
May 28, 2026 - 15:07 NVD
5.3 (None) 5.3 (MEDIUM)
Patch available
May 22, 2026 - 04:31 EUVD
CVE Published
May 22, 2026 - 02:31 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

AnalysisAI

Unauthenticated remote clients can crash SSH servers built with golang.org/x/crypto/ssh by presenting a certificate during the handshake when CertChecker is used as a public key callback without initializing IsUserAuthority or IsHostAuthority. All versions prior to 0.52.0 are affected; the nil function pointer dereference causes a Go runtime panic that terminates the SSH service. No public exploit code has been identified and EPSS places exploitation probability at the 1st percentile (0.01%), though the attack requires no authentication and low complexity per the CVSS vector.

Technical ContextAI

The Go extended cryptography module golang.org/x/crypto/ssh provides SSH server and client primitives. CertChecker is a helper struct designed to be supplied as the PublicKeyCallback in ssh.ServerConfig to validate client certificates during the SSH handshake. It exposes two function-typed fields - IsUserAuthority and IsHostAuthority - intended as callbacks for verifying certificate signing authorities. CWE-295 (Improper Certificate Validation) captures the root cause: when both callbacks are left unset (nil), CertChecker contains no guard against invoking a nil function pointer upon encountering a certificate from a connecting client. The Go runtime converts a nil function call into a panic, which propagates and crashes the serving goroutine or process unless explicitly recovered. The CPE cpe:2.3:a:golang.org/x/crypto:golang.org/x/crypto/ssh:*:*:*:*:*:*:*:* covers all affected versions. The fix, tracked in Go CL 781660, converts the panic into a returned error, restoring safe failure behavior.

RemediationAI

Upgrade golang.org/x/crypto to version 0.52.0 or later, where CertChecker returns a proper error instead of panicking when authority callbacks are nil; this is the vendor-released patch confirmed by EUVD-2026-31393 and the Go announcement at https://groups.google.com/g/golang-announce/c/a082jnz-LvI. Any binary that vendors golang.org/x/crypto/ssh must be rebuilt and redeployed after the dependency upgrade, as the fix is compiled in. For teams unable to upgrade immediately, an effective compensating control is to explicitly set both IsUserAuthority and IsHostAuthority on every CertChecker instance - even to a function that returns false - before passing it as a callback; this eliminates the nil dereference with no service disruption, though it may silently reject legitimate certificate-based authentication depending on the false-returning stub. Alternatively, replace CertChecker with a fully custom PublicKeyCallback implementation. Avoid relying on recovery middleware as a long-term mitigation, as unhandled panics in other paths may still terminate the process.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Leap 16.0 Fixed
openSUSE Tumbleweed Fixed
SLES15-SP6-CHOST-BYOS-GCE Fixed
SLES15-SP7-CHOST-BYOS-GCE Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed

Share

CVE-2026-39835 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy