First published: Tue Jul 09 2024(Updated: )
Philippos Giavridis, Jacky Wei En Kung, Daniel Hugenroth, and Alastair Beresford discovered that the OpenSSH ObscureKeystrokeTiming feature did not work as expected. A remote attacker could possibly use this issue to determine timing information about keystrokes.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/openssh-client | <1:9.6p1-3ubuntu13.4 | 1:9.6p1-3ubuntu13.4 |
Ubuntu Ubuntu | =24.04 | |
All of | ||
ubuntu/openssh-server | <1:9.6p1-3ubuntu13.4 | 1:9.6p1-3ubuntu13.4 |
Ubuntu Ubuntu | =24.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.