CVE-2026-39832
Status: Received - Intake
OpenSSH Remote Agent Key Constraint Bypass

Publication date: 2026-05-22

Last updated on: 2026-05-22

Assigner: Go Project

Description
When adding a key to a remote agent, constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.
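To make the bug concrete, the following is an added Go example (not code from the Go project or from x/crypto) that hand-encodes the constraint trailer of an SSH_AGENTC_ADD_ID_CONSTRAINED request and parses it the way a strict agent should: the restriction is either present on the wire or the remote side never learns about it, and unknown extensions are rejected rather than skipped. It assumes the agent wire format from draft-miller-ssh-agent, that the restrict-destination-v00@openssh.com contents are a single string as in OpenSSH, and models only extension constraints (lifetime and confirm are left out); the destination blob used for testing is constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
)

// Agent-protocol constraint type 255 (a string extension name and contents follow)
// and OpenSSH's destination-restriction extension, whose contents are one string.
const constrainExtension, DestExt = 255, "restrict-destination-v00@openssh.com"

func PutString(b, s []byte) []byte {
	return append(binary.BigEndian.AppendUint32(b, uint32(len(s))), s...)
}

func getString(b []byte) (s, rest []byte, err error) {
	if len(b) < 4 || uint64(len(b)-4) < uint64(binary.BigEndian.Uint32(b)) {
		return nil, nil, errors.New("truncated string")
	}
	n := 4 + binary.BigEndian.Uint32(b)
	return b[4:n], b[n:], nil
}

// EncodeDestConstraint builds the constraint trailer that follows the key and comment
// in SSH_AGENTC_ADD_ID_CONSTRAINED; the vulnerable client omitted it entirely.
func EncodeDestConstraint(dest []byte) []byte {
	return PutString(PutString([]byte{constrainExtension}, []byte(DestExt)), dest)
}

// ParseConstraints reads a trailer as a strict agent should: it reports whether a
// destination restriction is present and rejects extensions it does not know.
func ParseConstraints(b []byte) (restricted bool, err error) {
	var name []byte
	for len(b) > 0 {
		if b[0] != constrainExtension {
			return false, errors.New("unsupported constraint type")
		}
		if name, b, err = getString(b[1:]); err != nil {
			return false, err
		}
		if string(name) != DestExt {
			return false, errors.New("unsupported constraint extension " + string(name))
		}
		if _, b, err = getString(b); err != nil { // skip the opaque contents
			return false, err
		}
		restricted = true
	}
	return restricted, nil
}
```

An empty trailer parses as "unrestricted", which is exactly what a remote agent saw from the buggy client even though the local key carried a destination constraint.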
Meta Information
Published: 2026-05-22
Last Modified: 2026-05-22
Generated: 2026-05-22
AI Q&A: 2026-05-22
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: golang
Product: go
Version / Range: before v0.52.0 (v0.52.0 excluded)
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

The vulnerability CVE-2026-39832 affects the Go package golang.org/x/crypto/ssh/agent before version v0.52.0. It occurs because when adding a key to a remote agent, constraint extensions that restrict key usage, such as restrict-destination-v00@openssh.com, were not serialized in the request.

As a result, destination restrictions were silently stripped when forwarding keys, which allowed unrestricted use of the key on the remote host. The fix ensures that all constraint extensions are now properly serialized by the client, preserving the intended restrictions.

Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them, improving security by preventing unintended key acceptance.


How can this vulnerability impact me?

This vulnerability can impact you by allowing unrestricted use of forwarded SSH keys on remote hosts. Because destination restrictions were stripped silently, an attacker or unauthorized user could use the forwarded key without the intended limitations.

This means that keys forwarded to remote agents could be used on any host, not just the restricted destinations, potentially leading to unauthorized access or privilege escalation on remote systems.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves the silent stripping of constraint extensions when forwarding SSH keys via the Go SSH agent, allowing unrestricted key usage on remote hosts.

To detect this vulnerability on your system or network, you should verify the version of the Go package `golang.org/x/crypto/ssh/agent` in use and check if it is before version v0.52.0, which is vulnerable.

You can also monitor SSH key forwarding behavior to see if constraint extensions such as restrict-destination-v00@openssh.com are being preserved or stripped.

Specific commands to detect the vulnerability are not provided in the available resources.


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade the Go package `golang.org/x/crypto/ssh/agent` to version v0.52.0 or later, where the vulnerability is fixed.

This update ensures that all constraint extensions are properly serialized and preserved during key forwarding, preventing unrestricted key usage on remote hosts.

Additionally, the in-memory keyring returned by `NewKeyring()` will reject keys with unsupported constraint extensions instead of ignoring them silently, improving security.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows destination restrictions on forwarded SSH keys to be silently stripped, enabling unrestricted use of keys on remote hosts. This could lead to unauthorized access to systems and data.

Such unauthorized access risks violating security and privacy requirements found in common standards and regulations like GDPR and HIPAA, which mandate strict access controls and protection of sensitive data.

By allowing unrestricted key usage, the vulnerability potentially undermines compliance with these regulations, as it weakens the enforcement of access restrictions and could lead to data breaches or unauthorized data processing.

