CVE-2026-39832 - Go x/crypto ssh agent forwarded constraint loss

golang.org/x/crypto/ssh/agent before 0.52.0 fails to serialize constraint extensions such as restrict-destination-v00@openssh.com when adding a key to a remote forwarded agent. The remote side receives a less restricted key than the caller intended.

This is a key-usage policy bypass in Go code that forwards agent-backed keys across trust boundaries.

When to use it

  • A repository builds Go SSH clients, bastions, deploy tools, CI/Git access systems, remote execution agents, or automation that forwards SSH agents or agent-backed keys.
  • Security policy relies on destination restrictions, constraint extensions, remote signing limits, host trust boundaries, or narrowed key use.
  • Code uses golang.org/x/crypto/ssh/agent, ForwardToAgent, custom keyrings, or forwarded-agent wrappers.
  • You need a bounded PR or triage note that upgrades x/crypto and proves forwarded keys keep their intended constraints.

Inputs

  • Go modules, vendored trees, SSH agent/forwarding code, bastion/deploy workflows, generated dependency reports, SBOMs, Dockerfiles, images, and runbooks.
  • Resolved golang.org/x/crypto versions, forwarded-agent trust boundaries, supported constraint extensions, private-key handling, host policy, and rollout owners.
  • Available go test, keyring/agent regression tests, builds, image builds, SBOM, and dependency/security scans.

Affected versions

  • Vulnerable: golang.org/x/crypto/ssh/agent <0.52.0
  • Fixed: 0.52.0+
  • Affected surface: SSH agent forwarding and forwarded-key constraints

Indicator-of-exposure

  • The repository resolves golang.org/x/crypto <0.52.0.
  • Code forwards SSH agents or remote-signing keys.
  • Security policy relies on destination or extension-based key restrictions.

Quick checks:

rg -n "ssh/agent|AgentForward|NewKeyring|restrict-destination|ConstraintExtension|ForwardToAgent" .
go list -m all | rg "golang.org/x/crypto"

Windows:

rg -n "ssh/agent|AgentForward|NewKeyring|restrict-destination|ConstraintExtension|ForwardToAgent" .
go list -m all | rg "golang.org/x/crypto"

Remediation strategy

  • Upgrade golang.org/x/crypto to 0.52.0+.
  • Audit every forwarded-agent path and any assumption that remote hosts receive destination-restricted keys.
  • Consider disabling agent forwarding where it is not strictly necessary.

The prompt

Model context: this prompt was generated by GPT 5.5 Extra High reasoning.

You are remediating CVE-2026-39832 / GHSA-f5wc-c3c7-36mc in Go ssh-agent code.
Forwarded keys can lose destination restrictions. Produce exactly one output:

- A reviewer-ready PR/change request that upgrades `golang.org/x/crypto`,
  hardens forwarded-agent usage, adds regression tests, and documents operator
  follow-up, or
- TRIAGE.md if this repository does not control an affected forwarded-agent
  path.

## Rules

- Scope only CVE-2026-39832 and directly related agent-forwarding behavior.
- Treat private keys, agent sockets, and host trust boundaries as sensitive.
- Do not forward production keys for live validation.
- Do not auto-merge.

## Steps

1. Inventory every Go module and binary controlled here that uses
   `golang.org/x/crypto/ssh/agent`.
2. Confirm whether any resolved version is `<0.52.0`.
3. Trace agent-forwarding and keyring constraint handling.
4. If no affected path is controlled here, stop with `TRIAGE.md`.
5. Upgrade to `0.52.0+` and refresh module metadata and images.
6. Add regression tests proving forwarded keys preserve all supported
   constraint extensions.
7. Review whether agent forwarding can be disabled or narrowed.
8. Add a PR body section named `CVE-2026-39832 operator actions` covering
   versions before and after, forwarding paths reviewed, and validation that
   passed.
9. Run available validation: `go test`, builds, and dependency/security scans.
10. Use PR title:
    `fix(sec): remediate Go ssh-agent forwarded constraint loss`.

Verification - what the reviewer looks for

  • No controlled binary resolves golang.org/x/crypto/ssh/agent <0.52.0.
  • Regression tests show constraint extensions survive forwarded-agent handling.
  • Forwarded-agent use is documented and narrowed where possible.

Output contract

  • Reviewer-ready PR upgrading every controlled Go module, vendor tree, image, generated report, and SBOM to golang.org/x/crypto 0.52.0+.
  • Regression tests proving forwarded keys preserve supported constraint extensions across remote agent handling without forwarding production keys.
  • Operator notes documenting forwarded-agent paths, disabled/narrowed forwarding, host trust boundaries, and any remaining owner actions.
  • TRIAGE.md when SSH agent runtime, vendored dependency, key policy, or deployment artifact control is outside this repository.

Watch for

  • Treating forwarded-agent use as harmless convenience.
  • Fixing serialization but leaving unsupported constraints silently ignored in other keyring paths.

References