USN-7956-1 Unknown

USN-7956-1: Google Guest Agent vulnerability

Canonical (Ubuntu) Released: January 13, 2026 Updated: January 15, 2026 Restart Required

Description

Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. An attacker could possibly use this issue to cause a denial of service.

Fixed Vulnerabilities 1

CVE-2025-58181 N/A 0.0 ⚠️ KEV fixed

Nov 19, 2025

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

Quick Info

Patch ID: USN-7956-1

Vendor: Canonical (Ubuntu)

Severity: Unknown

CVEs Fixed: 1

Restart: Required

Vendor

Canonical (Ubuntu)

Additional Info

action:

usn id: USN-7956-1

summary: Google Guest Agent could be made to crash if it received specially crafted network traffic.

usn number: 7956-1

instructions: In general, a standard system update will make all the necessary changes.

CVE Vulnerabilities

Posts & Pages