Bug 2480687 (CVE-2026-39828) - CVE-2026-39828 golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions
Status: NEW
Alias: CVE-2026-39828
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
Reported: 2026-05-22 04:02 UTC by OSIDB Bzimport
Modified: 2026-06-19 03:27 UTC

Description OSIDB Bzimport 2026-05-22 04:02:09 UTC
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.