CVE-2025-32754 Overview
CVE-2025-32754 affects jenkins/ssh-agent Docker images version 6.11.1 and earlier built on Debian. The images generate SSH host keys during image creation rather than at container startup. All containers launched from the same image version therefore share identical SSH host keys. Attackers positioned in the network path between the Jenkins controller and SSH build agent can impersonate the agent. The flaw is tracked under CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator and carries a CVSS score of 9.1.
Critical Impact
Shared SSH host keys across all containers enable man-in-the-middle attacks against Jenkins build agent communications, exposing build artifacts, credentials, and source code in transit.
Affected Products
- jenkins/ssh-agent Docker image versions 6.11.1 and earlier (Debian-based variants)
- Jenkins SSH Build Agent infrastructure relying on these images
- Jenkins controllers connecting to affected agent containers
Discovery Timeline
- 2025-04-10 - Jenkins publishes Security Advisory SECURITY-3565
- 2025-04-10 - CVE-2025-32754 published to NVD
- 2025-05-02 - Last updated in NVD database
Technical Details for CVE-2025-32754
Vulnerability Analysis
The jenkins/ssh-agent Docker image provides an SSH server that Jenkins controllers connect to for executing build jobs. SSH host keys uniquely identify each server and allow clients to detect impersonation. In affected versions, the Debian-based image generation process runs ssh-keygen during the Docker build step. The resulting keys are baked into the image layers. Every container instantiated from the same image version starts with the same private host keys. Any party who pulls the public image can extract these keys directly. The attacker then needs only a network interception position to present the legitimate-looking host key to the Jenkins controller.
Root Cause
The Dockerfile generates SSH host keys at build time rather than at container first-run. This violates the principle that cryptographic key material must be unique per host. The CWE-338 classification reflects insufficient randomness in the deployment model: while ssh-keygen itself uses strong entropy, the keys are reused across every container instance.
Attack Vector
An attacker first obtains the public jenkins/ssh-agent image and extracts the embedded host keys from /etc/ssh/. The attacker then intercepts traffic between a Jenkins controller and a build agent container through ARP spoofing, DNS poisoning, or compromised network infrastructure. Because the controller validates the host key fingerprint and finds it matches the expected agent, the man-in-the-middle session succeeds. The attacker can capture build commands, exfiltrate source code, inject malicious build steps, and harvest credentials transmitted to the agent.
Detection Methods for CVE-2025-32754
Indicators of Compromise
- Identical SSH host key fingerprints reported by multiple distinct jenkins/ssh-agent containers
- Unexpected SSH connection sources to Jenkins build agents from outside expected controller IP ranges
- Anomalous build agent output containing unfamiliar commands or credential access attempts
Detection Strategies
- Audit running containers and compare /etc/ssh/ssh_host_*_key.pub fingerprints across instances to identify duplicates
- Inspect Docker image manifests for jenkins/ssh-agent versions at or below 6.11.1 with Debian base layers
- Review Jenkins controller logs for SSH host key warnings or unexpected reconnection events
Monitoring Recommendations
- Enable network flow monitoring between Jenkins controllers and SSH build agents to detect off-path traffic
- Alert on new ARP entries or DNS responses affecting build infrastructure subnets
- Track Docker image pulls and container starts for the affected image tag in CI/CD telemetry
How to Mitigate CVE-2025-32754
Immediate Actions Required
- Upgrade jenkins/ssh-agent Docker images to a version later than 6.11.1 that generates host keys at container startup
- Regenerate SSH host keys inside any running container built from an affected image and update controller known_hosts entries
- Restrict network paths between Jenkins controllers and agents to dedicated, segmented networks
Patch Information
Jenkins addressed the issue in releases following 6.11.1. Refer to the Jenkins Security Advisory SECURITY-3565 for fixed version details and image tags. Pull the patched image and redeploy all build agent containers.
Workarounds
- Override the image entrypoint to delete /etc/ssh/ssh_host_* files and run ssh-keygen -A before starting sshd
- Mount unique host key files into each container from an external secret store rather than relying on image-embedded keys
- Use the Alpine-based image variant if it is not affected, or build a custom image that defers key generation to runtime
# Configuration example: regenerate host keys at container startup
docker run --rm --entrypoint /bin/sh jenkins/ssh-agent:latest -c \
"rm -f /etc/ssh/ssh_host_* && ssh-keygen -A && exec /usr/sbin/sshd -D -e"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
