SSH Prefix Truncation Vulnerability Used in Terrapin Attacks (CVE-2023-48795)

Academic researchers have discovered a vulnerability in SSH cryptographic network protocol that can be used in an attack called Terrapin, a prefix truncation attack. Tracked as CVE-2023-48795, the vulnerability allows attackers to lower the security of established connections by truncating the extension negotiation message.