CVE-2025-46712: 
Linux Debian vulnerability analysis and mitigation

Erlang/OTP SSH, a component of the Erlang programming language libraries, contains a vulnerability (CVE-2025-46712) discovered in May 2025. The vulnerability affects versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), where the SSH implementation fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged (GitHub Advisory).

The vulnerability stems from violations of the draft-miller-sshm-strict-kex-01 specification in multiple ways: after SSHMSGKEXINIT, the client may send SSHMSGDEBUG, SSHMSGIGNORE, or SSHMSGUNIMPLEMENTED; after SSHMSGECDHINIT, the client may send SSHMSGDEBUG or SSHMSGUNIMPLEMENTED; and SSHMSGKEXDHGEX_REQUEST does not correctly close the connection in non-DH GEX key exchanges. The vulnerability has been assigned a CVSS v3.1 base score of 3.7 (Low) with vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N (GitHub Advisory).

The vulnerability allows a Man-in-the-Middle attacker to inject messages during the connection handshake. However, as the optional messages are most likely to be ignored, there is no immediate security impact that has been identified. The issue is primarily a violation of security-relevant protocol extension specifications, which may cause issues in the future (GitHub Advisory).

The vulnerability has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25). Users are advised to update to these versions to mitigate the issue. The fix implements proper KEX strict implementation according to the draft-miller-sshm-strict-kex-01 document (GitHub Release, GitHub Advisory).