Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth (e.g., for 2FA/TOTP) with a single malformed packet, requiring no credentials. This issue has been patched in version 0.60.1.
AnalysisAI
Pre-authentication denial-of-service in russh SSH server library allows remote attackers to crash servers implementing keyboard-interactive authentication via a single malformed packet. Affects russh versions prior to 0.60.1. Attacker sends crafted SSH_MSG_USERAUTH_INFO_RESPONSE with inflated allocation count (e.g., 0x10000000), triggering multi-gigabyte memory allocation and OOM crash before any credential validation occurs. Vendor-released patch available (v0.60.1) bounds allocation to remaining packet data. Confirmed working exploit code exists per GitHub security advisory GHSA-f5v4-2wr6-hqmg. CVSS 7.5 (High) with network vector, low complexity, no privileges required.
Technical ContextAI
The vulnerability lies in russh's implementation of SSH RFC 4256 keyboard-interactive authentication. The server's read_userauth_info_response function in russh/src/server/encrypted.rs decodes a client-controlled u32 count field from SSH_MSG_USERAUTH_INFO_RESPONSE packets and passes it directly to Vec::with_capacity() without validation. In Rust, Vec::with_capacity(n) pre-allocates memory for n elements, where each element is Option<Bytes> (~24 bytes on 64-bit systems). A malicious client can specify n=0x10000000 (268 million) in a minimal ~50-byte packet, forcing the server to attempt allocating ~6.4GB of contiguous memory, exceeding system limits and triggering OOM termination. This is a classic CWE-770 (Allocation of Resources Without Limits or Throttling) vulnerability in the SSH protocol implementation layer. The issue occurs during the authentication negotiation phase, specifically when the server sends keyboard-interactive prompts (common for 2FA/TOTP implementations) and awaits client responses. The attack exploits the gap between SSH key exchange (which establishes encryption but not authentication) and actual credential validation.
RemediationAI
Upgrade russh to version 0.60.1 or later, which implements allocation bounds based on remaining packet data (commit 6c3c80a9b6d60763d6227d60fa8310e57172a4d1). The fix limits Vec::with_capacity(n) to max_responses = (r.remaining_len() + 3) / 4, preventing multi-GB allocations from small packets. Update Cargo.toml dependency: russh = "0.60.1", rebuild, and redeploy. For environments unable to immediately upgrade: (1) Disable keyboard-interactive authentication at the handler level by ensuring auth_keyboard_interactive returns Auth::reject() instead of Auth::Partial - trade-off: loss of 2FA/TOTP workflows; (2) Deploy rate-limiting at the network edge (firewall/load balancer) to throttle SSH connection attempts per source IP - trade-off: legitimate users may be blocked during bursts, and attackers can rotate IPs to bypass; (3) Set conservative memory limits (e.g., Linux cgroup memory.max) for the russh server process to trigger controlled restart rather than system-wide OOM - trade-off: same DoS outcome but protects other services. Patch is strongly preferred; workarounds only buy time. Advisory: https://github.com/Eugeny/russh/security/advisories/GHSA-f5v4-2wr6-hqmg. Commit diff: https://github.com/Eugeny/russh/commit/6c3c80a9b6d60763d6227d60fa8310e57172a4d1.
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
Russh is a Rust SSH client & server library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable,
russh is a Rust SSH client and server library. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploita
Denial of service in Russh (Rust SSH client/server library) versions 0.34.0 through 0.60.x allows remote SSH peers to tr
Denial of service in Russh (versions 0.37.0-0.60.x), a Rust SSH client and server library, allows a malicious SSH server
Russh is a Rust SSH client & server library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitabl
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28822