Bug 2414943 (CVE-2025-47913) - CVE-2025-47913 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS
Summary: CVE-2025-47913 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: ...
Keywords:
Status: NEW
Alias: CVE-2025-47913
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2420556 2420561 2420562 2420564 2420566 2420568 2420569 2420571 2420575 2420577 2420582 2420583 2420584 2420585 2420586 2420587 2420591 2420592 2420593 2420594 2420595 2420596 2420598 2420600 2420603 2420604 2420607 2420611 2420612 2420613 2420614 2420615 2420619 2420620 2420621 2420623 2420625 2420628 2420629 2417045 2417046 2420555 2420557 2420558 2420559 2420560 2420563 2420565 2420567 2420570 2420572 2420573 2420574 2420576 2420578 2420579 2420580 2420588 2420589 2420590 2420597 2420599 2420601 2420602 2420605 2420606 2420608 2420609 2420610 2420616 2420617 2420618 2420622 2420624 2420626 2420627 2420630 2420631 2424419 2424420 2424421 2424422
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-11-13 22:01 UTC by OSIDB Bzimport
Modified: 2026-04-29 14:23 UTC (History)
74 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2026:0436 0 None None None 2026-01-12 02:01:41 UTC
Red Hat Product Errata RHSA-2026:0437 0 None None None 2026-01-12 03:45:06 UTC
Red Hat Product Errata RHSA-2026:0470 0 None None None 2026-01-12 17:28:33 UTC
Red Hat Product Errata RHSA-2026:0545 0 None None None 2026-01-14 04:00:41 UTC
Red Hat Product Errata RHSA-2026:0753 0 None None None 2026-01-19 02:05:31 UTC
Red Hat Product Errata RHSA-2026:10703 0 None None None 2026-04-27 02:05:35 UTC
Red Hat Product Errata RHSA-2026:1084 0 None None None 2026-01-26 14:18:22 UTC
Red Hat Product Errata RHSA-2026:11749 0 None None None 2026-04-29 14:23:44 UTC
Red Hat Product Errata RHSA-2026:2769 0 None None None 2026-02-17 00:51:25 UTC
Red Hat Product Errata RHSA-2026:4532 0 None None None 2026-03-12 20:57:38 UTC
Red Hat Product Errata RHSA-2026:4693 0 None None None 2026-03-17 06:41:00 UTC
Red Hat Product Errata RHSA-2026:5167 0 None None None 2026-03-19 20:08:59 UTC
Red Hat Product Errata RHSA-2026:5222 0 None None None 2026-03-23 02:26:44 UTC
Red Hat Product Errata RHSA-2026:8325 0 None None None 2026-04-15 15:21:09 UTC

Description OSIDB Bzimport 2025-11-13 22:01:50 UTC 
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
Comment 3 errata-xmlrpc 2026-01-12 02:01:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:0436 https://access.redhat.com/errata/RHSA-2026:0436
Comment 4 errata-xmlrpc 2026-01-12 03:45:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:0437 https://access.redhat.com/errata/RHSA-2026:0437
Comment 5 errata-xmlrpc 2026-01-12 17:28:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:0470 https://access.redhat.com/errata/RHSA-2026:0470
Comment 6 errata-xmlrpc 2026-01-14 04:00:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:0545 https://access.redhat.com/errata/RHSA-2026:0545
Comment 7 errata-xmlrpc 2026-01-19 02:05:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:0753 https://access.redhat.com/errata/RHSA-2026:0753
Comment 8 errata-xmlrpc 2026-01-26 14:18:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:1084 https://access.redhat.com/errata/RHSA-2026:1084
Comment 9 errata-xmlrpc 2026-02-17 00:51:20 UTC 
This issue has been addressed in the following products:

  Red Hat Ceph Storage 7.1

Via RHSA-2026:2769 https://access.redhat.com/errata/RHSA-2026:2769
Comment 11 errata-xmlrpc 2026-03-12 20:57:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4532 https://access.redhat.com/errata/RHSA-2026:4532
Comment 12 errata-xmlrpc 2026-03-17 06:40:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:4693 https://access.redhat.com/errata/RHSA-2026:4693
Comment 13 errata-xmlrpc 2026-03-19 20:08:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:5167 https://access.redhat.com/errata/RHSA-2026:5167
Comment 14 errata-xmlrpc 2026-03-23 02:26:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:5222 https://access.redhat.com/errata/RHSA-2026:5222
Comment 15 errata-xmlrpc 2026-04-15 15:21:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:8325 https://access.redhat.com/errata/RHSA-2026:8325
Comment 20 errata-xmlrpc 2026-04-27 02:05:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:10703 https://access.redhat.com/errata/RHSA-2026:10703
Comment 21 errata-xmlrpc 2026-04-29 14:23:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:11749 https://access.redhat.com/errata/RHSA-2026:11749
Note You need to log in before you can comment on or make changes to this bug.