> A MITM attacker can arbitrarily delete messages from a connection before the secure channel is established, as sequence numbers are only validated once the channel is established and arbitrary messages are allowed during the handshake, allowing them to manipulate the sequence numbers. Depending on the cipher being used, once the secure channel is established, the attacker can then use the manipulated sequence numbers to delete messages sent immediately after the channel is established.
(https://github.com/golang/go/issues/64784)
OpenSSH also has released an update: https://seclists.org/oss-sec/2023/q4/291