Skip to content

OSG-SEC-2024-01-08 HIGH SSH vulnerability exploitable in Terrapin attacks

Dear OSG Security Contacts,

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.


Multiple versions of SSH, including AsyncSSH, LibSSH, OpenSSH, PuTTY, Transmit, SUSE, and others.


Although the attack is cryptographically innovative, its security impact is limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection. The most significant identified impact is that it enables a man in the middle to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.


Upgrade to secure packages as they become available.


[1] Red Hat Errata [2] SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) [3] OpenSSH package version [4] LibSSH package version [5] ASyncSSH package version [6] PuTTY [7] Transmit [8] SUSE [9] Ubuntu

Please contact the OSG security team at [email protected] if you have any questions or concerns.

OSG Security Team