Sy2339226

**Name of the Vulnerable Software and Affected Versions** gost version 2.11.5 **Description** An authentication bypass in the SSH service allows attackers to intercept communications by setting the `HostKeyCallback` function to `ssh.InsecureIgnoreHostKey`. This issue is related to missing key verification in gost. **Recommendations** For gost version 2.11.5, consider disabling the SSH service until a patch is available. As a temporary workaround, avoid setting the `HostKeyCallback` function to `ssh.InsecureIgnoreHostKey` to prevent authentication bypass. Restrict access to the SSH service to minimize the risk of exploitation.