Impact
When a key carrying constraint extensions such as restrict-destination-v00@openssh.com was added to a remote SSH agent, the agent omitted these constraints during serialization. As a result, forwarded keys were stripped of all destination restrictions, allowing anyone who could forward a key to use it anywhere on the remote host without limitation. An attacker who can forward an SSH key can therefore abuse it beyond the intended constraints, potentially accessing services or executing commands on the remote system. The CVSS score of 9.1 reflects its high severity, indicating significant risk to confidentiality, integrity, and availability when keys can be used without restriction.
Affected Systems
The vulnerability affects the golang.org/x/crypto/ssh/agent component of the Go cryptographic library. No specific version numbers were listed, so any build of the agent prior to the fix that does not enforce constraint serialization may be vulnerable.
Risk and Exploitability
The EPSS score of < 1% indicates a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The CVSS score of 9.1 reflects its high severity and indicates potential for widespread damage. The attack requires the ability to forward an SSH key via ssh-agent, which can be achieved by a local user or a process with agent access. Because the flaw silently removes all constraint extensions, the attack vector is straightforward for anyone who can trigger key forwarding. The fix now serializes all constraint extensions and rejects unsupported ones, greatly reducing the potential exploitation window.
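The behaviour the fix is described as having (every constraint extension present in the serialized data, unsupported constraint types rejected) can be checked on the encoded bytes. The following is an added example, not code from golang.org/x/crypto: it walks a serialized constraint list and reports which extensions are actually present. The type bytes 1, 2 and 255 are the agent protocol's lifetime, confirm and extension constraints; the helper names, the sample bytes and the framing of extension details as a single length-prefixed string are assumptions of this example.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Constraint type bytes defined by the SSH agent protocol.
const constrainLifetime, constrainConfirm, constrainExtension = 1, 2, 255
var errTrunc = fmt.Errorf("truncated constraint data")

// readString consumes one length-prefixed SSH string.
func readString(b []byte) ([]byte, []byte, error) {
	if len(b) < 4 || uint64(len(b)-4) < uint64(binary.BigEndian.Uint32(b)) {
		return nil, nil, errTrunc
	}
	n := 4 + int(binary.BigEndian.Uint32(b))
	return b[4:n], b[n:], nil
}

// ExtensionNames (added helper) lists extension constraints; unknown types are an error.
func ExtensionNames(b []byte) (names []string, err error) {
	for len(b) > 0 && err == nil {
		switch t := b[0]; t {
		case constrainLifetime: // uint32 seconds
			if b = b[1:]; len(b) < 4 {
				return names, errTrunc
			}
			b = b[4:]
		case constrainConfirm: // no payload
			b = b[1:]
		case constrainExtension: // string name, string details (framing assumed)
			var name []byte
			if name, b, err = readString(b[1:]); err == nil {
				names = append(names, string(name))
				_, b, err = readString(b)
			}
		default:
			err = fmt.Errorf("unsupported constraint type %d", t)
		}
	}
	return names, err
}

func main() {
	// Constructed sample: 60 s lifetime, then one extension with empty details.
	name := "restrict-destination-v00@openssh.com"
	b := append([]byte{1, 0, 0, 0, 60, 255, 0, 0, 0, byte(len(name))}, name...)
	fmt.Println(ExtensionNames(append(b, 0, 0, 0, 0)))
}
```

An empty result for a key that was added with a destination restriction is the signature of the stripped-constraint condition described under Impact.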