OpenSSH 9.6: Critical Advisory on Terrapin Attack and Security Update
Hello OpenSSH users,
Today I’m alerting you to multiple severe vulnerabilities discovered and mitigated in OpenSSH. The most notorious of these bugs is the “Terrapin vulnerability,” which allows a man-in-the-middle (MITM) attacker to break the integrity of the encrypted SSH transport protocol used to secure data in transit.
The implications of the Terrapin attack are far-reaching, given OpenSSH’s widespread use in secure data communications. An attack could result in the compromise of sensitive data transmitted across networks.
Read on to learn about other impactful vulnerabilities recently discovered and fixed in your open-source programs and applications.
If you found today’s newsletter helpful and informative, please share it with a fellow security geek. Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from enthusiastic and insightful community members who share our love for Linux and security!
Stay safe out there,

OpenSSH
The Discovery
Multiple severe vulnerabilities have been discovered and mitigated in OpenSSH, a popular open-source implementation of the Secure Shell (SSH) protocol. The most notorious of these bugs is the “Terrapin vulnerability,” tracked as CVE-2023-48795, which allows a man-in-the-middle (MITM) attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages before the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
Intel Microcode
The Discovery
Not long after the notorious “Reptar” Intel Microcode privilege escalation bug dominated security news headlines, another significant microcode privilege escalation flaw was found. It was discovered that a sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors that may allow an authenticated user to escalate privileges (CVE-2023-23583). The National Vulnerability Database has classified the severity of this flaw as “High” due to its significant threat to the availability of impacted systems and the confidentiality of sensitive data.
HAProxy
The Discovery
Have you updated to fix CVE-2023-45539, a recent HAProxy vulnerability that threatens impacted users’ sensitive information? It was discovered that the HAProxy load balancing reverse proxy incorrectly handled URI components containing the hash character. Distros continue to release updates for this flaw, which has received a National Vulnerability Database severity rating of “High” due to its significant confidentiality threat to affected systems and how straightforward it is for attackers to exploit.
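
Why the receiving peer does not notice the change described in the OpenSSH item above, shown as an added example that is not part of the original newsletter or of OpenSSH's code: a toy Python model in which a MAC over (sequence number, payload) stands in for the real cipher modes, with a constructed key and message list. The strict flag models the strict key exchange countermeasure shipped in OpenSSH 9.6 (counters reset at NEWKEYS, unexpected handshake packets rejected).

```python
import hashlib
import hmac
import struct

KEY = b"constructed-session-key"  # stands in for the negotiated keys
HANDSHAKE = (b"KEXINIT", b"KEX_REPLY", b"NEWKEYS")
MESSAGES = list(HANDSHAKE) + [b"EXT_INFO", b"SERVICE_ACCEPT"]  # constructed

def tag(seq, payload):
    # The implicit per-direction sequence number is bound into every MAC.
    return hmac.new(KEY, struct.pack(">I", seq) + payload, hashlib.sha256).digest()

def send(messages, strict):
    """Return wire packets as (payload, mac); mac is None before NEWKEYS."""
    wire, seq, secure = [], 0, False
    for m in messages:
        wire.append((m, tag(seq, m) if secure else None))
        seq += 1
        if m == b"NEWKEYS":
            secure, seq = True, (0 if strict else seq)
    return wire

def receive(wire, strict):
    """Return (accepted payloads, status) as seen by the receiving peer."""
    accepted, seq, secure = [], 0, False
    for payload, mac in wire:
        if secure and not hmac.compare_digest(mac or b"", tag(seq, payload)):
            return accepted, "MAC failure"
        if not secure and strict and payload not in HANDSHAKE:
            return accepted, "unexpected message during key exchange"
        accepted.append(payload)
        seq += 1
        if payload == b"NEWKEYS" and not secure:
            secure, seq = True, (0 if strict else seq)
    return accepted, "ok"

def tamper(wire, n):
    """On-path change from the advisory: n extra packets in, n packets out."""
    i = [p for p, _ in wire].index(b"NEWKEYS")
    return wire[:i] + [(b"IGNORE", None)] * n + [wire[i]] + wire[i + 1 + n:]

if __name__ == "__main__":
    for strict in (False, True):
        got, status = receive(tamper(send(MESSAGES, strict), 1), strict)
        print(f"strict={strict}: {status}; EXT_INFO seen={b'EXT_INFO' in got}")
```

Without the strict behaviour the receiver's counter realigns after the deletion and every remaining MAC verifies; with it, the session ends at the first unexpected handshake packet.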



