DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-39832: CVE-2026-39832: Silent Drop of Destination Constraints in golang.org/x/crypto SSH Agent Client

#security #cve #cybersecurity

CVE-2026-39832: Silent Drop of Destination Constraints in golang.org/x/crypto SSH Agent Client

Vulnerability ID: CVE-2026-39832
CVSS Score: 9.1
Published: 2026-06-25

A critical security flaw was identified in the Go package golang.org/x/crypto/ssh/agent. The vulnerability arises during the serialization of key constraints when adding SSH identities to a remote agent or an in-memory keyring. Specifically, custom constraint extensions, such as destination restrictions like restrict-destination-v00@openssh.com, were silently omitted from serialization in client requests. This omission allowed keys to be loaded into the remote agent with zero destination-based restrictions, enabling unauthorized users with access to the agent socket on intermediate hosts to authenticate to any downstream host without policy enforcement. The issue was resolved in version v0.52.0 of the golang.org/x/crypto library.

TL;DR

An issue in the Go SSH agent client silently drops custom key constraints during serialization, allowing attackers on a compromised jump host to reuse forwarded keys without restrictions and bypass security boundaries.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-281
  • Attack Vector: Network
  • CVSS v3.1 Score: 9.1
  • EPSS Score: 0.00397 (Percentile: 31.59%)
  • Impact: Unrestricted lateral movement via forwarded SSH keys
  • Exploit Status: Proof of Concept
  • CISA KEV Status: Not Listed

Affected Systems

  • golang.org/x/crypto/ssh/agent
  • golang.org/x/crypto: < 0.52.0 (Fixed in: 0.52.0)

Code Analysis

Commit: 778642

Fix serialization of custom agent constraint extensions in x/crypto/ssh/agent

Mitigation Strategies

  • Upgrade golang.org/x/crypto to version v0.52.0 or newer
  • Disable SSH Agent Forwarding on untrusted intermediate servers
  • Use native OpenSSH client implementations for operations requiring key constraints

Remediation Steps:

  1. Identify all projects importing golang.org/x/crypto.
  2. Execute 'go get golang.org/x/crypto@v0.52.0' to update the library.
  3. Run 'go mod tidy' to update the go.sum file.
  4. Recompile and redeploy the Go applications.
  5. Audit existing deployment tooling and jump hosts to verify if agent forwarding is active and modify SSH configurations to restrict agent forwarding where possible.

References

Read the full report for CVE-2026-39832 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)