A flaw has been found in the machinery of OpenSSH. Security researcher Jeremy Brown recently uncovered a critical vulnerability lurking within the GSSAPI Key Exchange patch, a popular modification many Linux distributions apply to their OpenSSH packages.
The flaw, now tracked as CVE-2026-3497, reveals how a single line of incorrect code can open the door to heap corruption and unauthorized data exposure—all before a user even enters a password.
At the heart of the issue is a simple but devastating case of mistaken identity in the code’s error handling. In the server-side logic for GSSAPI Key Exchange, developers accidentally used sshpkt_disconnect()—a function that merely queues a message and allows the code to keep running—instead of ssh_packet_disconnect(), which is designed to terminate the process immediately.
When the server encounters an error in the GSSAPI loop, this “non-terminating” function allows the process to “fall through” into sensitive code blocks it was never meant to reach. This leads to a dangerous chain of events:
- Uninitialized Variable Use: The code reads from a stack variable called recv_tok that hasn’t been properly set.
- Information Leak: The contents of this “garbage” variable are sent via Inter-Process Communication (IPC) to the privileged root monitor process.
- Heap Corruption: Finally, the code passes this uninitialized pointer to a cleanup function (gss_release_buffer), which may attempt to free() a random memory address, causing a crash or heap corruption.
The severity of CVE-2026-3497 is highly “environment-dependent,” meaning the outcome changes based on how the software was compiled.
- Pre-Authentication Attack: An attacker does not need credentials or an account to trigger the bug. A single crafted SSH packet of approximately 300 bytes is enough to initiate the crash.
- Data Exposure: The flaw can leak up to 127KB of heap data to the root monitor, representing a significant privacy violation.
- Denial of Service: On x86_64 systems, the attack consistently triggers a child process crash (SIGSEGV or SIGABRT), leading to a 90-second SSH lockout.
- The Compiler Lottery: Testing shows that different compilers leave different “residue” in memory. For instance, GCC-O2 might leave a valid heap address behind, while Clang might leave a fixed hex value, changing how the vulnerability manifests.
This vulnerability specifically impacts Ubuntu and Debian OpenSSH servers that have enabled GSSAPIKeyExchange.
Administrators should update their OpenSSH packages immediately. The technical fix involves replacing the incorrect sshpkt_disconnect() call with the terminating ssh_packet_disconnect() at three specific server-side sites within the kexgsss.c file.
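To make the control-flow mistake behind both the chain of events above and the fix concrete, here is an added C model written for this article; it is not OpenSSH's kexgsss.c code and none of its names (queue_disconnect, forward_to_monitor, release_token, gss_exchange_step) exist in OpenSSH. It stands in for the two disconnect functions with a handler that returns to its caller versus an error path that stops at once, and it replaces genuinely uninitialized memory with a `filled` flag on the token so the program is deterministic and has no undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model of the bug class, not OpenSSH code. The `filled` flag
 * stands in for real uninitialized stack memory so the program stays
 * deterministic and free of undefined behaviour. */
typedef struct {
    int         filled;   /* 1 once the receive step has set length/value */
    size_t      length;
    const char *value;
} token_t;

/* What the monitor and cleanup side observed during one exchange step. */
typedef struct {
    int disconnect_queued;   /* an error message was queued for the client */
    int sent_unfilled_token; /* IPC forwarded a token the receive step never filled */
    int released_unfilled;   /* cleanup was handed a token that was never filled */
} outcome_t;

/* Models sshpkt_disconnect(): queue the message and RETURN; the caller keeps running. */
static void queue_disconnect(outcome_t *o, const char *msg)
{
    (void)msg;
    o->disconnect_queued = 1;
}

/* Hypothetical helper modelling the IPC hop to the privileged monitor. */
static void forward_to_monitor(outcome_t *o, const token_t *t)
{
    if (!t->filled)
        o->sent_unfilled_token = 1;   /* a real monitor would receive stack residue */
}

/* Models gss_release_buffer(): releases t->value. On an unfilled token that
 * pointer is whatever was left on the stack, which the real call hands to free(). */
static void release_token(outcome_t *o, token_t *t)
{
    if (!t->filled)
        o->released_unfilled = 1;
    t->length = 0;
    t->value  = NULL;
    t->filled = 0;
}

/* One iteration of the exchange loop. receive_fails simulates a bad client
 * packet; terminating selects which disconnect behaviour the error path uses. */
static outcome_t gss_exchange_step(int receive_fails, int terminating)
{
    outcome_t o = {0, 0, 0};
    token_t recv_tok = {0, 0, NULL};  /* filled == 0 models "never written" */

    if (receive_fails) {
        queue_disconnect(&o, "GSSAPI receive failed");
        if (terminating)
            return o;   /* ssh_packet_disconnect() would have exited the process here */
        /* buggy variant: execution falls through with recv_tok never filled */
    } else {
        recv_tok.filled = 1;
        recv_tok.length = 5;
        recv_tok.value  = "token";
    }

    /* Code the error path was never meant to reach. */
    forward_to_monitor(&o, &recv_tok);
    release_token(&o, &recv_tok);
    return o;
}

/* Probes for the three scenarios; each returns 1 when an unfilled token escaped. */
static int buggy_error_path_leaks(void)
{
    outcome_t o = gss_exchange_step(1, 0);
    return o.sent_unfilled_token && o.released_unfilled;
}

static int fixed_error_path_leaks(void)
{
    outcome_t o = gss_exchange_step(1, 1);
    return o.sent_unfilled_token || o.released_unfilled;
}

static int fixed_error_path_disconnects(void)
{
    return gss_exchange_step(1, 1).disconnect_queued;
}

static int happy_path_leaks(void)
{
    outcome_t o = gss_exchange_step(0, 0);
    return o.sent_unfilled_token || o.released_unfilled;
}

int main(void)
{
    printf("non-terminating handler, bad packet: unfilled token escaped = %d\n", buggy_error_path_leaks());
    printf("terminating handler,     bad packet: unfilled token escaped = %d\n", fixed_error_path_leaks());
    printf("successful receive:                  unfilled token escaped = %d\n", happy_path_leaks());
    return 0;
}
```

The only difference between the two error paths is the early exit after the disconnect is queued; everything downstream (the IPC hop, the release call) is identical, which is why a handler that merely returns is enough to turn a rejected packet into use of a value the receive step never set.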