CVE Reports

Originally published at cvereports.com

CVE-2026-46597: Remote Denial of Service in golang.org/x/crypto/ssh via AES-GCM Padding Integer Overflow

Vulnerability ID: CVE-2026-46597
CVSS Score: 7.5
Published: 2026-06-25

A high-severity Denial of Service (DoS) vulnerability (CVE-2026-46597 / GO-2026-5013) exists in the golang.org/x/crypto/ssh module before version v0.52.0. The flaw stems from an incorrect operator order during a type conversion of the GCM packet padding size, allowing a remote, unauthenticated attacker to trigger an out-of-bounds slice runtime panic and crash the Go process.

TL;DR

Unauthenticated remote attackers can crash Go-based SSH servers or clients using AES-GCM ciphers by exploiting an integer overflow in padding length checks.
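The operator-order flaw described above, worked through in Go as an added example (not code from golang.org/x/crypto or from the original report): it runs the pre-patch and the patched comparison over an already decrypted buffer. The function names, the constructed 16-byte sample and the assumption that the padding length is a single byte are illustrative.

```go
package main

import (
	"errors"
	"fmt"
)

// checkPadding models the padding validation touched by the fix, applied to
// an already decrypted body. Assumption: plain[0] is a one-byte padding length.
// fixed=false uses the pre-patch comparison, fixed=true the patched one.
func checkPadding(plain []byte, fixed bool) (payload []byte, err error) {
	// Turn a runtime panic into an error so both variants can be compared.
	defer func() {
		if r := recover(); r != nil {
			payload, err = nil, fmt.Errorf("panic: %v", r)
		}
	}()
	if len(plain) == 0 {
		return nil, errors.New("empty packet")
	}
	padding := plain[0]
	length := uint32(len(plain))
	if padding < 4 {
		return nil, fmt.Errorf("illegal padding %d", padding)
	}
	tooLarge := int(padding+1) >= len(plain) // uint8 add: 255+1 wraps to 0
	if fixed {
		tooLarge = int(padding)+1 >= len(plain) // widen to int, then add
	}
	if tooLarge {
		return nil, fmt.Errorf("padding %d too large", padding)
	}
	// If the wrapped check lets 255 through, length-uint32(padding)
	// underflows and the slice expression panics.
	return plain[1 : length-uint32(padding)], nil
}

// samplePacket builds a constructed 16-byte body with the given padding byte.
func samplePacket(padding byte) []byte {
	p := make([]byte, 16)
	p[0] = padding
	return p
}

func main() {
	for _, pad := range []byte{4, 255} {
		_, before := checkPadding(samplePacket(pad), false)
		_, after := checkPadding(samplePacket(pad), true)
		fmt.Printf("padding=%d pre-patch: %v | patched: %v\n", pad, before, after)
	}
}
```

The real library does not recover from the panic, so the pre-patch path ends the process instead of returning an error.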


Technical Details

  • CWE ID: CWE-191 / CWE-704
  • Attack Vector: Network (AV:N)
  • CVSS v3.1 Score: 7.5 (High)
  • EPSS Score: 0.00359 (27.78th percentile)
  • Impact: Complete Denial of Service (A:H)
  • Exploit Status: Unproven / No Public PoC
  • CISA KEV Status: Not Listed

Affected Systems

  • golang.org/x/crypto/ssh
  • Docker
  • containerd
  • HashiCorp Vault
  • Gitea
  • Prometheus
  • AWS Systems Manager Agent (SSM)
  • cAdvisor
  • Podman
  • Trivy
  • golang.org/x/crypto: < v0.52.0 (Fixed in: v0.52.0)

Code Analysis

Commit: abbc44d

ssh: fix type conversion order during GCM padding validation to prevent overflow

diff --git a/ssh/cipher.go b/ssh/cipher.go
index ad2b370..48d0199 100644
--- a/ssh/cipher.go
+++ b/ssh/cipher.go
@@ -407,7 +407,7 @@
        return nil, fmt.Errorf("ssh: illegal padding %d", padding)
    }

-   if int(padding+1) >= len(plain) {
+   if int(padding)+1 >= len(plain) {
        return nil, fmt.Errorf("ssh: padding %d too large", padding)
    }
    plain = plain[1 : length-uint32(padding)]
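Review bot: The corrected check `int(padding)+1 >= len(plain)` should carry a short comment saying that the widening to int must happen before the addition, because the two forms look equivalent and a later cleanup could easily reintroduce `int(padding+1)`. The slice on the following line, `plain[1 : length-uint32(padding)]`, subtracts in unsigned arithmetic and depends entirely on this guard, so a regression test that feeds the largest padding value the type can hold and expects the "padding %d too large" error would pin the behaviour down. No test is visible in this diff.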

Mitigation Strategies

  • Upgrade the golang.org/x/crypto module to version v0.52.0 or later and recompile downstream applications.
  • Disable AES-GCM cipher suites (aes128-gcm@openssh.com, aes256-gcm@openssh.com) in the SSH server and client configurations.

Remediation Steps:

  1. Update your go.mod file: run 'go get golang.org/x/crypto@v0.52.0'
  2. Run 'go mod tidy' to update dependency trees.
  3. Rebuild and redeploy all affected services and container images.
  4. Verify dependencies across downstream microservices using SCA tools.
