USN-7956-1
- Source
- https://ubuntu.com/security/notices/USN-7956-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-7956-1
- Upstream
- Related
- Published
- 2026-01-13T06:41:34.383827Z
- Modified
- 2026-01-30T01:36:40.242353Z
- Summary
- google-guest-agent vulnerability
- Details
-
Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. An attacker could possibly use this issue to cause a denial of service.
- References
Affected packages
Ubuntu:22.04:LTS
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20250116.00-0ubuntu1~22.04.2?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20250116.00-0ubuntu1~22.04.2
Affected versions
20210629.*
20210629.00-0ubuntu1
20210629.00-0ubuntu2
20220104.*
20220104.00-0ubuntu1
20220104.00-0ubuntu2
20220622.*
20220622.00-0ubuntu2~22.04.0
20220622.00-0ubuntu2~22.04.1
20230426.*
20230426.00-0ubuntu2~22.04.0
20231004.*
20231004.02-0ubuntu1~22.04.1
20231004.02-0ubuntu1~22.04.2
20231004.02-0ubuntu1~22.04.3
20231004.02-0ubuntu1~22.04.4
20231004.02-0ubuntu1~22.04.5
20240716.*
20240716.00-0ubuntu1~22.04.0
20241011.*
20241011.01-0ubuntu1~22.04.0
20250116.*
20250116.00-0ubuntu1~22.04.0
20250116.00-0ubuntu1~22.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20250116.00-0ubuntu1~22.04.2"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"
Ubuntu:24.04:LTS
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20250116.00-0ubuntu1~24.04.3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20250116.00-0ubuntu1~24.04.3
Affected versions
20230426.*
20230426.00-0ubuntu3
20231004.*
20231004.02-0ubuntu1
20231004.02-0ubuntu3
20240213.*
20240213.00-0ubuntu1
20240213.00-0ubuntu2
20240213.00-0ubuntu3
20240213.00-0ubuntu3.1
20240213.00-0ubuntu3.2
20240716.*
20240716.00-0ubuntu1~24.04.0
20240716.00-0ubuntu1~24.04.1
20241011.*
20241011.01-0ubuntu1~24.04.0
20250116.*
20250116.00-0ubuntu1~24.04.0
20250116.00-0ubuntu1~24.04.1
20250116.00-0ubuntu1~24.04.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20250116.00-0ubuntu1~24.04.3"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"
Ubuntu:25.10
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20250506.01-0ubuntu1.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20250506.01-0ubuntu1.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20250506.01-0ubuntu1.1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"
Ubuntu:Pro:16.04:LTS
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20240716.00-0ubuntu1~16.04.0+esm2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20240716.00-0ubuntu1~16.04.0+esm2
Affected versions
20201217.*
20201217.02-0ubuntu1~16.04.0
20230426.*
20230426.00-0ubuntu2~16.04.3
20231004.*
20231004.02-0ubuntu1~16.04.1
20231004.02-0ubuntu1~16.04.2
20240716.*
20240716.00-0ubuntu1~16.04.0
20240716.00-0ubuntu1~16.04.0+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20240716.00-0ubuntu1~16.04.0+esm2"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:16.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"
Ubuntu:Pro:18.04:LTS
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~18.04.0+esm2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20241011.01-0ubuntu1~18.04.0+esm2
Affected versions
20201217.*
20201217.02-0ubuntu1~18.04.0
20210414.*
20210414.00-0ubuntu1~18.04.0
20210629.*
20210629.00-0ubuntu1~18.04.1
20220622.*
20220622.00-0ubuntu2~18.04.0
20220622.00-0ubuntu2~18.04.1
20230426.*
20230426.00-0ubuntu2~18.04.0
20231004.*
20231004.02-0ubuntu1~18.04.2
20231004.02-0ubuntu1~18.04.3
20240716.*
20240716.00-0ubuntu1~18.04.0
20241011.*
20241011.01-0ubuntu1~18.04.0
20241011.01-0ubuntu1~18.04.0+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20241011.01-0ubuntu1~18.04.0+esm2"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"
Ubuntu:Pro:20.04:LTS
google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20250116.00-0ubuntu1~20.04.0+esm2?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20250116.00-0ubuntu1~20.04.0+esm2
Affected versions
20201217.*
20201217.02-0ubuntu1~20.04.0
20210414.*
20210414.00-0ubuntu1~20.04.0
20210629.*
20210629.00-0ubuntu1~20.04.0
20220622.*
20220622.00-0ubuntu2~20.04.0
20220622.00-0ubuntu2~20.04.2
20230426.*
20230426.00-0ubuntu2~20.04.0
20231004.*
20231004.02-0ubuntu1~20.04.1
20231004.02-0ubuntu1~20.04.2
20231004.02-0ubuntu1~20.04.3
20231004.02-0ubuntu1~20.04.4
20240716.*
20240716.00-0ubuntu1~20.04.0
20241011.*
20241011.01-0ubuntu1~20.04.1
20250116.*
20250116.00-0ubuntu1~20.04.0
20250116.00-0ubuntu1~20.04.0+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20250116.00-0ubuntu1~20.04.0+esm2"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-58181",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7956-1.json"