CVE-2026-39832 - Go x/crypto ssh agent forwarded constraint loss
golang.org/x/crypto/ssh/agent before 0.52.0 fails to serialize constraint
extensions such as restrict-destination-v00@openssh.com when adding a key to
a remote forwarded agent. The remote side receives a less restricted key than
the caller intended.
This is a key-usage policy bypass in Go code that forwards agent-backed keys across trust boundaries.
When to use it
- A repository builds Go SSH clients, bastions, deploy tools, CI/Git access systems, remote execution agents, or automation that forwards SSH agents or agent-backed keys.
- Security policy relies on destination restrictions, constraint extensions, remote signing limits, host trust boundaries, or narrowed key use.
- Code uses
golang.org/x/crypto/ssh/agent,ForwardToAgent, custom keyrings, or forwarded-agent wrappers. - You need a bounded PR or triage note that upgrades
x/cryptoand proves forwarded keys keep their intended constraints.
Inputs
- Go modules, vendored trees, SSH agent/forwarding code, bastion/deploy workflows, generated dependency reports, SBOMs, Dockerfiles, images, and runbooks.
- Resolved
golang.org/x/cryptoversions, forwarded-agent trust boundaries, supported constraint extensions, private-key handling, host policy, and rollout owners. - Available
go test, keyring/agent regression tests, builds, image builds, SBOM, and dependency/security scans.
Affected versions
- Vulnerable:
golang.org/x/crypto/ssh/agent <0.52.0 - Fixed:
0.52.0+ - Affected surface: SSH agent forwarding and forwarded-key constraints
Indicator-of-exposure
- The repository resolves
golang.org/x/crypto <0.52.0. - Code forwards SSH agents or remote-signing keys.
- Security policy relies on destination or extension-based key restrictions.
Quick checks:
rg -n "ssh/agent|AgentForward|NewKeyring|restrict-destination|ConstraintExtension|ForwardToAgent" .
go list -m all | rg "golang.org/x/crypto"
Windows:
rg -n "ssh/agent|AgentForward|NewKeyring|restrict-destination|ConstraintExtension|ForwardToAgent" .
go list -m all | rg "golang.org/x/crypto"
Remediation strategy
- Upgrade
golang.org/x/cryptoto0.52.0+. - Audit every forwarded-agent path and any assumption that remote hosts receive destination-restricted keys.
- Consider disabling agent forwarding where it is not strictly necessary.
The prompt
Model context: this prompt was generated by GPT 5.5 Extra High reasoning.
You are remediating CVE-2026-39832 / GHSA-f5wc-c3c7-36mc in Go ssh-agent code.
Forwarded keys can lose destination restrictions. Produce exactly one output:
- A reviewer-ready PR/change request that upgrades `golang.org/x/crypto`,
hardens forwarded-agent usage, adds regression tests, and documents operator
follow-up, or
- TRIAGE.md if this repository does not control an affected forwarded-agent
path.
## Rules
- Scope only CVE-2026-39832 and directly related agent-forwarding behavior.
- Treat private keys, agent sockets, and host trust boundaries as sensitive.
- Do not forward production keys for live validation.
- Do not auto-merge.
## Steps
1. Inventory every Go module and binary controlled here that uses
`golang.org/x/crypto/ssh/agent`.
2. Confirm whether any resolved version is `<0.52.0`.
3. Trace agent-forwarding and keyring constraint handling.
4. If no affected path is controlled here, stop with `TRIAGE.md`.
5. Upgrade to `0.52.0+` and refresh module metadata and images.
6. Add regression tests proving forwarded keys preserve all supported
constraint extensions.
7. Review whether agent forwarding can be disabled or narrowed.
8. Add a PR body section named `CVE-2026-39832 operator actions` covering
versions before and after, forwarding paths reviewed, and validation that
passed.
9. Run available validation: `go test`, builds, and dependency/security scans.
10. Use PR title:
`fix(sec): remediate Go ssh-agent forwarded constraint loss`.
Verification - what the reviewer looks for
- No controlled binary resolves
golang.org/x/crypto/ssh/agent <0.52.0. - Regression tests show constraint extensions survive forwarded-agent handling.
- Forwarded-agent use is documented and narrowed where possible.
Output contract
- Reviewer-ready PR upgrading every controlled Go module, vendor tree, image,
generated report, and SBOM to
golang.org/x/crypto 0.52.0+. - Regression tests proving forwarded keys preserve supported constraint extensions across remote agent handling without forwarding production keys.
- Operator notes documenting forwarded-agent paths, disabled/narrowed forwarding, host trust boundaries, and any remaining owner actions.
TRIAGE.mdwhen SSH agent runtime, vendored dependency, key policy, or deployment artifact control is outside this repository.
Watch for
- Treating forwarded-agent use as harmless convenience.
- Fixing serialization but leaving unsupported constraints silently ignored in other keyring paths.
Related recipes
- Go x/crypto ssh FIDO presence bypass
- Go x/crypto ssh unsolicited response deadlock
- CVE intelligence intake gate
References
- GitHub Advisory: https://github.com/advisories/GHSA-f5wc-c3c7-36mc
- Go issue: https://go.dev/issue/79435
- Go fix: https://go.dev/cl/778642
- Go vuln entry: https://pkg.go.dev/vuln/GO-2026-5006