CVE-2025-61984
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/10/2025
Last modified:
11/11/2025
Description
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
Impact
Base Score 3.x
3.60
Severity 3.x
LOW
References to Advisories, Solutions, and Tools
- https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
- https://www.openssh.com/releasenotes.html#10.1p1
- https://www.openwall.com/lists/oss-security/2025/10/06/1
- http://www.openwall.com/lists/oss-security/2025/10/07/1
- http://www.openwall.com/lists/oss-security/2025/10/12/1
- https://www.vicarius.io/vsociety/posts/cve-2025-61984-detection-script-remote-code-execution-vulnerability-affecting-openssh
- https://www.vicarius.io/vsociety/posts/cve-2025-61984-mitigation-script-remote-code-execution-vulnerability-affecting-openssh
- https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984