Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-23943

Опубликовано: 13 мар. 2026
Источник: nvd
EPSS Низкий

Описание

Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion.

The SSH transport layer advertises legacy zlib compression by default and inflates attacker-controlled payloads pre-authentication without any size limit, enabling reliable memory exhaustion DoS.

Two compression algorithms are affected:

  • zlib: Activates immediately after key exchange, enabling unauthenticated attacks
  • zlib@openssh.com: Activates post-authentication, enabling authenticated attacks

Each SSH packet can decompress ~255 MB from 256 KB of wire data (1029:1 amplification ratio). Multiple packets can rapidly exhaust available memory, causing OOM kills in memory-constrained environments.

This vulnerability is associated with program files lib/ssh/src/ssh_transport.erl and program routines ssh_transport:decompress/2, ssh_transport:handle_packet_part/4.

This issue affects OTP from OTP 17.0 until OTP 28.4.1,

Ссылки

EPSS

Процентиль: 13%
0.00041
Низкий

Дефекты

CWE-409

Связанные уязвимости

ubuntu логотип

CVE-2026-23943

ubuntu
13 дней назад

Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflates attacker-controlled payloads pre-authentication without any size limit, enabling reliable memory exhaustion DoS. Two compression algorithms are affected: * zlib: Activates immediately after key exchange, enabling unauthenticated attacks * zlib@openssh.com: Activates post-authentication, enabling authenticated attacks Each SSH packet can decompress ~255 MB from 256 KB of wire data (1029:1 amplification ratio). Multiple packets can rapidly exhaust available memory, causing OOM kills in memory-constrained environments. This vulnerability is associated with program files lib/ssh/src/ssh_transport.erl and program routines ssh_transport:decompress/2, ssh_transport:handle_packet_part/4. This issue affects OTP from OTP 17.0 until OTP 28.4.1, 27...

msrc логотип

CVE-2026-23943

msrc
10 дней назад

Pre-auth SSH DoS via unbounded zlib inflate

debian логотип

CVE-2026-23943

debian
13 дней назад

Improper Handling of Highly Compressed Data (Compression Bomb) vulnera ...

EPSS

Процентиль: 13%
0.00041
Низкий

Дефекты

CWE-409