Executive Summary

CVE-2026-55653 is a vulnerability in OpenSSH affecting the Diffie-Hellman Group Exchange (DH-GEX) client path when running in FIPS mode. A malicious SSH server can exploit a double free flaw during the validation of DH-GEX group parameters controlled by the attacker. This double free occurs because the client frees certain memory pointers twice during the process, leading to instability.

Specifically, the issue happens when the client fails FIPS known-group validation and frees local pointers before properly handling the Diffie-Hellman object, then frees them again during teardown. This flaw can cause the client process to terminate unexpectedly.

Useful 0 Not Useful 0

Impact Analysis

The primary impact of this vulnerability is a Denial of Service (DoS) on the client side. Successful exploitation causes the SSH client process to terminate unexpectedly, disrupting availability.

There is no demonstrated loss of confidentiality or integrity from this vulnerability, so the impact is limited to availability.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability occurs when the OpenSSH client running in FIPS mode negotiates the diffie-hellman-group-exchange-sha256 key exchange method with a malicious SSH server. Detection involves identifying if your SSH client is using this key exchange method in FIPS mode.

One way to test for the vulnerability is to use the ssh-keyscan command against potentially untrusted hosts while in FIPS mode, as this non-fatal client flow can trigger the double free issue.

• Run `ssh -Q kex` to check if diffie-hellman-group-exchange-sha256 is enabled as a key exchange method.
• Use `ssh-keyscan -t diffie-hellman-group-exchange-sha256 <host>` to test the key exchange negotiation with a target host.

If the client process terminates unexpectedly or crashes during these tests, it may indicate the presence of the vulnerability.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include avoiding the negotiation of the diffie-hellman-group-exchange-sha256 key exchange method in OpenSSH clients running in FIPS mode.

Additionally, refrain from using non-fatal client flows such as ssh-keyscan against untrusted or potentially malicious SSH servers while FIPS mode is enabled.

Monitoring for patches or updates from your vendor and applying them once available is also recommended.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability affects the availability aspect of systems running OpenSSH in FIPS mode by causing a denial of service through client-side process termination. Since the impact is limited to availability and does not involve loss of confidentiality or integrity, the direct effect on compliance with standards like GDPR or HIPAA—which emphasize data protection and privacy—is minimal.

However, because FIPS mode is often used to meet regulatory requirements for cryptographic standards, the presence of this vulnerability in FIPS mode deployments could indirectly affect compliance by undermining system reliability and availability, which are also important for maintaining secure and compliant environments.

Mitigation involves avoiding the vulnerable key exchange method and careful use of client flows in FIPS mode, which helps maintain compliance by preserving system availability and adherence to FIPS requirements.

Useful 0 Not Useful 0