PatchSiren cyber security CVE debrief
CVE-2026-39828 golang.org/x/crypto CVE debrief
CVE-2026-39828 is a Go SSH server authentication handling flaw that could silently discard permissions when an auth callback returned PartialSuccessError with non-nil Permissions. In a multi-step login flow, if a second factor later succeeded, certificate-based restrictions such as force-command could be lost, weakening the intended access control policy.
- Vendor: golang.org/x/crypto
- Product: golang.org/x/crypto/ssh
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-22
- Original CVE updated: 2026-05-22
- Advisory published: 2026-05-22
- Advisory updated: 2026-05-22
Who should care
Developers and operators running SSH servers built on Go, especially deployments that use custom authentication callbacks, certificate restrictions, force-command style controls, or multi-factor flows that can return partial success.
Technical summary
The issue is in the SSH server authentication callback path. According to the CVE description, when PartialSuccessError was returned together with non-nil Permissions, those permissions were silently discarded. That meant a later successful authentication step could proceed without the original restriction set, including certificate restrictions such as force-command. The fix changes this behavior so that returning non-nil Permissions with PartialSuccessError now results in a connection error instead of silently dropping the permissions.
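To make the failure mode concrete, here is an added, self-contained Go model of the callback path described above; it is not code from golang.org/x/crypto, and the Permissions, AuthCallback and PartialSuccessError types are simplified stand-ins for the real ssh package types (the real PartialSuccessError.Next holds a set of callbacks, not one). The `strict` flag switches runAuth between the pre-fix behavior (permissions returned with PartialSuccessError are dropped) and the fixed behavior (that combination is a connection error), and safeFlow shows the callback structure that keeps certificate restrictions intact on either server version.

```go
package main

import "errors"

// Minimal stand-ins for the x/crypto/ssh types involved (a model, not the real package).
type Permissions struct{ CriticalOptions map[string]string }
type AuthCallback func(user string) (*Permissions, error)
type PartialSuccessError struct{ Next AuthCallback }
func (*PartialSuccessError) Error() string { return "ssh: partial success" }

// runAuth models the server's multi-step auth loop. With strict=false it acts like
// the pre-fix code: permissions returned alongside PartialSuccessError are dropped
// and only the final step's result is kept. strict=true models the fix (hard error).
func runAuth(cb AuthCallback, user string, strict bool) (*Permissions, error) {
	for {
		perms, err := cb(user)
		var partial *PartialSuccessError
		if !errors.As(err, &partial) {
			return perms, err // final step: success or hard failure
		}
		if perms != nil && strict {
			return nil, errors.New("ssh: non-nil Permissions returned with PartialSuccessError")
		}
		cb = partial.Next // pre-fix: perms silently discarded here
	}
}

// Constructed first factor: a certificate whose critical options carry force-command.
var certPerms = &Permissions{CriticalOptions: map[string]string{"force-command": "/usr/bin/backup"}}

// unsafeFlow returns the certificate restrictions together with the partial-success
// error; the second factor returns no permissions, so the restriction is lost.
func unsafeFlow(string) (*Permissions, error) {
	next := func(string) (*Permissions, error) { return nil, nil }
	return certPerms, &PartialSuccessError{Next: next}
}

// safeFlow keeps the first-factor permissions out of the PartialSuccessError and
// returns them from the final step, so they survive on pre-fix and fixed servers.
func safeFlow(string) (*Permissions, error) {
	next := func(string) (*Permissions, error) { return certPerms, nil }
	return nil, &PartialSuccessError{Next: next}
}

func forceCommand(p *Permissions) string {
	if p == nil {
		return ""
	}
	return p.CriticalOptions["force-command"]
}
```

Running unsafeFlow through the pre-fix loop yields no force-command at all, which is exactly the silent policy loss the CVE describes; the same flow against the fixed loop fails the connection, and safeFlow yields the restriction on both.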
Defensive priority
High for any affected Go-based SSH service that relies on callback-returned permissions to enforce post-authentication restrictions. This is primarily an access-control integrity issue rather than a crash or availability issue, so prioritize it where SSH auth policy is security-sensitive.
Recommended defensive actions
- Review whether your SSH server uses Go authentication callbacks that can return PartialSuccessError and non-nil Permissions.
- Upgrade to a Go release that includes the fix referenced by the Go security announcement and advisory for this CVE.
- Validate that certificate restrictions, including force-command behavior, are still enforced after any multi-factor or partial-success login flow.
- Audit custom SSH authentication logic for any reliance on permissions being preserved across partial-success steps.
- After patching, test representative login paths to confirm the server now rejects the unsafe PartialSuccessError plus Permissions combination.
Evidence notes
This debrief is based only on the supplied CVE description and the referenced official Go/NVD sources. The core evidence is the CVE text stating that non-nil Permissions were silently discarded after PartialSuccessError and that the new behavior is to treat that combination as a connection error. The supplied references point to a Go code change, a Go issue, a Go security announcement, and the Go vulnerability entry for GO-2026-5014. Vendor/product attribution remains low confidence in the supplied corpus, so this write-up frames the issue generically as a Go SSH server authentication bug.
Official resources
Publicly disclosed on 2026-05-22, the same date the CVE was published in the supplied timeline. The supplied references include the Go security announcement and related advisory material.