Security researchers at Qualys have discovered two vulnerabilities in OpenSSH. The more dangerous of the two allows attackers to perform a man-in-the-middle attack when the VerifyHostKeyDNS option is enabled.
The first vulnerability (CVE-2025-26465) allows attackers to completely bypass server identity verification when a vulnerable client connects. This is possible when VerifyHostKeyDNS is set to yes or ask, without requiring user interaction. This is a departure from the norm. As of March 2023, the default option is ‘no’ because the use of VerifyHostKeyDNS may depend on a trusted nameserver and network path.
Denial of Service vulnerability.
The second vulnerability (CVE-2025-26466) enables a pre-authentication denial-of-service attack. This affects both the client and server and causes asymmetric consumption of memory and CPU resources. As with a Citrix SSH vulnerability earlier this year, admins must take action themselves to fix the problem. Consequently, it may take weeks or months for all operating systems to patch the vulnerability in question.
Impact and mitigation
The man-in-the-middle vulnerability was introduced in December 2014, just before OpenSSH 6.8p1. Although VerifyHostKeyDNS is disabled by default, it was enabled by default on some systems, such as FreeBSD, from 2013 to 2023.
For the server-side DoS vulnerability, built-in protection mechanisms are available via LoginGraceTime, MaxStartups and PerSourcePenalties (in OpenSSH 9.8p1 and newer). This is consistent with the trend of increased focus on security, as we saw previously with other OpenSSH vulnerabilities.
Advice to users
Users are advised to upgrade to the latest version of OpenSSH as soon as it becomes available. When it arrives is not known. For systems where VerifyHostKeyDNS is enabled, it is recommended to temporarily disable this setting until a patch is available.