MGASA-2026-0066 Updated trilead-ssh2 packages fix security vulnerabilities

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...

TencentOS Server 3: libssh (TSSA-2024:0056)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0056 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

SUSE-SU-2024:0974-1 Security update for jsch-agent-proxy

This update for jsch-agent-proxy fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack bsc1218198...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

SUSE-SU-2024:0210-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack bsc1218192...

Medium: libssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...

SUSE-SU-2024:0006-1 Security update for libssh2_org

This update for libssh2org fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity Terrapin Attack bsc1218127...

SUSE-SU-2023:4904-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity bsc1217950...

SUSE-SU-2023:4903-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity bsc1217950...

CVE-2023-48795

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...