CVE-2026-60002 in OpenSSH
Summary
by MITRE • 07/08/2026
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 07/08/2026
The vulnerability described represents a critical use-after-free condition in OpenSSH client implementations prior to version 10.4, specifically manifesting during server-initiated host key changes that occur during key re-exchange operations. This flaw falls under the category of memory safety vulnerabilities and is particularly concerning because it can be exploited through malicious server interactions, potentially leading to arbitrary code execution or system compromise.
The technical root cause of this vulnerability lies in improper memory management within the SSH client's handling of cryptographic key exchanges. During key re-exchange operations, when a server presents a new host key, the client must properly manage memory allocations and deallocations for cryptographic contexts and associated data structures. The use-after-free condition occurs when the client attempts to access memory that has already been freed, typically during the processing of the new host key information. This memory corruption can be leveraged by an attacker controlling the SSH server to execute malicious code on the client system.
From an operational perspective, this vulnerability presents a significant risk because it requires no authentication from the attacker to exploit the flaw. The attack vector involves a malicious or compromised SSH server that initiates a host key change during an active session, triggering the vulnerable code path in the client software. The impact extends beyond simple memory corruption as it can potentially lead to complete system compromise, especially when combined with other attack vectors or when the client is running with elevated privileges.
This vulnerability maps directly to CWE-416 Use After Free, a well-documented weakness in the Common Weakness Enumeration catalog that specifically addresses improper handling of freed memory resources. The ATT&CK framework categorizes this issue under T1566 Credential Access and T1059 Command and Control, as it enables attackers to establish persistent access through compromised client systems. The vulnerability's exploitation potential aligns with ATT&CK technique T1210 Exploitation of Remote Services, where adversaries leverage service vulnerabilities to gain unauthorized access.
The recommended mitigation strategy involves immediate deployment of OpenSSH version 10.4 or later, which includes proper memory management fixes for the key re-exchange process. Organizations should also implement network segmentation and monitoring to detect unusual SSH server behavior, particularly during key exchange operations. Additional protective measures include configuring clients to disable automatic host key changes, implementing strict SSH host key verification procedures, and maintaining regular security updates across all SSH client implementations. Network administrators should consider deploying intrusion detection systems that can identify potential exploitation attempts through anomalous SSH protocol behavior.