This weakness could allow an attacker who is able to inject arbitrary data into an SSH session to recover up to 32 bits (4 bytes) of data by causing an error condition.
This attack method causes the SSH session to terminate, and therefore cannot be used to obtain arbitrary amounts of data from a given session.
The attack requires a high degree of control over the local network (i.e., knowledge of ongoing SSH sessions, their IP addresses, ports and sequence numbers), has a very low probability of being successful (2-18), and allows the attacker to determine very limited amount of information (4 bytes). Therefore it does not pose a significant threat to the security in SSH on SecurePlatform / Gaia OS.
Since this issue cannot be practically exploited, Check Point will not fix it.
Note: This article is not relevant to Gaia Embedded, which does not use OpenSSH.