Description
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
Published: 2026-05-22
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An incorrectly placed cast from bytes to int in the AES‑GCM packet decoder of golang.org/x/crypto/ssh causes an arithmetic underflow that results in a server‑side panic. The flaw does not directly expose data or grant privileges, but it can crash the service, leading to an availability loss. The vulnerability is rooted in improper type conversion and integer underflow, categorised as CWE‑704 and CWE‑680.

Affected Systems

The affected component is golang.org/x/crypto/ssh from the Golang crypto library. No specific version range is supplied in the advisory, so the issue likely affects all releases before the fix referenced in the issue tracker.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in CISA KEV, so no public evidence of exploitation exists at this time. Nevertheless, a remote attacker who can send data to a vulnerable SSH server could craft malformed AES‑GCM packets that trigger the underflow and panic. The attack can be performed without authentication, depending on the server’s readiness to process inbound packets.

Generated by OpenCVE AI on May 22, 2026 at 04:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade golang.org/x/crypto to a patched version that eliminates the incorrect cast and subsequent underflow.
  • If an immediate upgrade is not possible, monitor for sudden crashes or restart events on the SSH server and block or queue suspicious packets until a patch can be applied.
  • Verify that the patched library does not affect other cryptographic functionality before deployment.

Generated by OpenCVE AI on May 22, 2026 at 04:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 22 May 2026 04:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-680
CWE-704

Fri, 22 May 2026 03:30:00 +0000

Type Values Removed Values Added
Description An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
Title Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published:

Updated: 2026-05-22T02:31:26.754Z

Reserved: 2026-05-15T17:35:00.813Z

Link: CVE-2026-46597

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-22T04:16:26.003

Modified: 2026-05-22T04:16:26.003

Link: CVE-2026-46597

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-22T04:30:25Z

Weaknesses