CVE-2026-55655 PUBLISHED

OpenSSH: local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions

Assigner: redhat
Reserved: 16.06.2026 Published: 23.06.2026 Updated: 23.06.2026

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections by pre-binding the preferred abstract X socket name, which takes effect when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and keyboard input, and may allow some manipulation of the forwarded session.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
CVSS Score:  5.0

Product Status

Vendor    Product                                   Versions
Red Hat   Red Hat Enterprise Linux 10               Default: affected
Red Hat   Red Hat Enterprise Linux 6                Default: affected
Red Hat   Red Hat Enterprise Linux 7                Default: affected
Red Hat   Red Hat Enterprise Linux 8                Default: affected
Red Hat   Red Hat Enterprise Linux 9                Default: affected
Red Hat   Red Hat Hardened Images                   Default: unknown
Red Hat   Red Hat OpenShift Container Platform 4    Default: unknown

Workarounds

To mitigate this issue, disable X11 forwarding on OpenSSH clients when it is not required: avoid the -X and -Y options when invoking ssh, or set ForwardX11 no in the SSH client configuration file (~/.ssh/config or /etc/ssh/ssh_config). With forwarding disabled the client never attempts to establish X11 connections, which removes the attack vector.
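Because ForwardX11 can be set per Host or Match block and overridden by -X/-Y on the command line, the setting that matters is the one the client actually resolves for a given destination. The following POSIX shell script is an added example and is not part of the CVE record or of OpenSSH itself. It relies on one real client feature, ssh -G, which prints the resolved configuration for a destination as lowercase "keyword value" lines without connecting; the function names, the host example.invalid and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the CVE record): audit the *effective* client-side
# X11 forwarding setting for a destination. `ssh -G <host>` prints the
# configuration OpenSSH would use for that host, one "keyword value" per line,
# after applying Host/Match blocks from ~/.ssh/config and /etc/ssh/ssh_config.

# check_x11_config: reads ssh -G style output on stdin and prints "disabled"
# when forwardx11 resolves to "no", otherwise "enabled (<value>)".
# Exit status 0 = forwarding disabled, 1 = enabled or keyword not present.
check_x11_config() {
    # awk picks the value of the forwardx11 keyword; an absent keyword is
    # reported as "missing" so it is never silently treated as safe.
    value=$(awk '$1 == "forwardx11" { v = $2 } END { print (v == "" ? "missing" : v) }')
    case "$value" in
        no) echo "disabled"; return 0 ;;
        *)  echo "enabled ($value)"; return 1 ;;
    esac
}

# audit_host: resolves the configuration for one destination with the real
# ssh client (if installed) and reports the effective ForwardX11 setting.
# Exit status 2 means no ssh client was found, so nothing could be checked.
audit_host() {
    host="$1"
    if ! command -v ssh >/dev/null 2>&1; then
        echo "ssh not found; cannot audit $host" >&2
        return 2
    fi
    printf '%s: ' "$host"
    ssh -G "$host" | check_x11_config
}

# Constructed samples of ssh -G output (not captured from a real system).
# SAMPLE_ENABLED mimics a Host block that still turns forwarding on.
SAMPLE_ENABLED='user alice
hostname example.invalid
forwardx11 yes
forwardx11trusted no'

SAMPLE_DISABLED='user alice
hostname example.invalid
forwardx11 no
forwardx11trusted no'

# Usage: sh audit_x11.sh <destination>
if [ -n "${1:-}" ]; then
    audit_host "$1"
fi
```

Run the script with each destination you care about (for example every Host alias in ~/.ssh/config); any "enabled" result means that host still opens the client-side X11 channel described above unless -x is passed explicitly, so the workaround has not taken effect there.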

References

Problem Types

  • Improper Restriction of Communication Channel to Intended Endpoints CWE