A malicious SSH peer could send unsolicited global request
responses to fill an internal buffer, blocking the connection's
read loop. The blocked goroutine could not be released by calling
Close(), resulting in a resource leak per connection. Unsolicited
global responses are now discarded.
Thanks to NCC Group Cryptography Services, sponsored by Teleport for reporting this issue.
This is CVE-2026-39830 and Go issue https://go.dev/issue/79564.
This was a PRIVATE track issue, tracked in http://b/502992794.
A malicious SSH peer could send unsolicited global request
responses to fill an internal buffer, blocking the connection's
read loop. The blocked goroutine could not be released by calling
Close(), resulting in a resource leak per connection. Unsolicited
global responses are now discarded.
Thanks to NCC Group Cryptography Services, sponsored by Teleport for reporting this issue.
This is CVE-2026-39830 and Go issue https://go.dev/issue/79564.
This was a PRIVATE track issue, tracked in http://b/502992794.