CVE-2025-26465 - Exploiting VerifyHostKeyDNS Vulnerability in OpenSSH for Machine-in-the-Middle Attacks

A security vulnerability, dubbed CVE-2025-26465, has been identified within OpenSSH – an open-source tool that is widely used for secure remote logins and file transfers. The vulnerability is reported to affect situations when the VerifyHostKeyDNS option is enabled, allowing malicious machines to impersonate legitimate servers. This post will dig deeper into the vulnerability, examine a code snippet demonstrating the issue, reference original sources, and detail how to exploit it.

Overview

The core of the CVE-2025-26465 vulnerability lies in OpenSSH's mishandling of error codes in specific conditions when verifying the host key while using VerifyHostKeyDNS option. To perform a successful Machine-in-the-Middle (MitM) attack exploiting this vulnerability, an attacker would need to exhaust the client's memory resources first, making the attack complexity high.

Code Snippet

Below is a code snippet of the problematic area in OpenSSH, showcasing the incorrect error code handling:

// OpenSSH code with error
if (options.verify_host_key_dns &&
    (options.host_key_alias == NULL) &&
    match_hostname(host, rhost_key.dns_domain))
{
	// ... original code ...
}
else {
	logit("DNS host key mismatch for %s: "
	      "expected %s, received %s, skipping...",
	      rhost, rhost_key_dns, rhost_key);
	result = ENOENT; // Incorrect error code
	break;
}

As seen in the code snippet, the error code ENOENT is set when there is a host key mismatch. However, this is an incorrect error code for this specific condition, and it can lead to the MitM attack that exploits CVE-2025-26465.

Exploit Details

For a successful MitM attack exploiting this vulnerability, an attacker must overcome the hurdle of exhausting the client's memory resources. Below are the steps required to perform this attack:

Set up a malicious server that impersonates a legitimate server.

2. Monitor the target host/client for connections using OpenSSH with the VerifyHostKeyDNS option enabled.
3. When the target host/client connects to the malicious server, it will receive an incorrect host key due to the erroneous error code handling, as demonstrated in the code snippet above.
4. Employ a denial-of-service attack on the target host/client in an attempt to exhaust its memory resources.
5. Upon successfully exhausting the target host/client's memory, the client will treat the malicious server as a legitimate one, allowing the attacker to gain unauthorized access and intercept/modify data transmitted between the client and the server.

Mitigation

Until a patch is available from OpenSSH, the best practice for mitigating this vulnerability is to disable the VerifyHostKeyDNS option on all clients. Organizations should also deploy network intrusion detection systems (NIDS) and configure them to.detect signs of such MitM attacks.

Conclusion

CVE-2025-26465 demonstrates a crucial vulnerability in OpenSSH, which could be exploited to perform MitM attacks when the VerifyHostKeyDNS option is enabled. Although the attack complexity is relatively high, organizations should consider disabling the VerifyHostKeyDNS option and deploying NIDS to protect their systems from such threats.

Timeline

Published on: 02/18/2025 19:15:29 UTC
Last modified on: 02/19/2025 15:15:18 UTC