OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks.
The OpenSSH project recently issued an advisory for a remote code execution vulnerability (CVE-2024-6387). It arises from a race condition in signal handler processing, which could allow an unauthenticated remote attacker to execute code with root privileges on an affected Linux system. Vulnerability details and a PoC have been disclosed, and the risk is high. If you run Linux systems, check them and apply security hardening promptly.
Reference:
Severity: important
(Severity: low, moderate, important, and critical)
Affected versions:
8.5p1 <= OpenSSH < 9.8p1
Secure versions:
OpenSSH >= 9.8p1
This vulnerability has been fixed in later official versions. If your service version falls into the affected range, upgrade it to the latest secure version.
https://www.openssh.com/releasenotes.html
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.
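One way to check a version string against the affected range above (added example, not part of the original advisory or OpenSSH itself). The function names and sample strings are constructed for illustration; pass the output of `ssh -V` or a server's SSH identification banner as arguments.

```shell
#!/bin/sh
# Added example: classify OpenSSH version strings against the advisory's
# range (8.5p1 <= OpenSSH < 9.8p1). Function names are hypothetical.
# Caveat: distributions may backport the fix without changing the upstream
# version number, so confirm an "affected" result against the vendor's
# package advisory before concluding the host is unpatched.

# Print "MAJOR MINOR" for text containing "OpenSSH_X.Y[pZ]", else nothing.
parse_openssh_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' |
        head -n 1
}

# Print: affected | secure | not-in-range | unknown
classify_openssh() {
    ver=$(parse_openssh_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"            # not an OpenSSH version string
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    # The portable patch level (pN) does not move a release across either
    # boundary, so comparing MAJOR.MINOR is sufficient for this range.
    n=$((major * 100 + minor))
    if [ "$n" -ge 805 ] && [ "$n" -lt 908 ]; then
        echo "affected"
    elif [ "$n" -ge 908 ]; then
        echo "secure"
    else
        echo "not-in-range"       # older than 8.5p1; not covered by this advisory's range
    fi
}

if [ "$#" -gt 0 ]; then
    # Real input, e.g.: ./check.sh "$(ssh -V 2>&1)"
    for s in "$@"; do printf '%s => %s\n' "$s" "$(classify_openssh "$s")"; done
else
    # Constructed sample strings (not taken from real hosts).
    for s in "OpenSSH_8.5p1, OpenSSL 1.1.1k" \
             "SSH-2.0-OpenSSH_9.7p1 Debian-5" \
             "OpenSSH_9.8p1, OpenSSL 3.3.1" \
             "OpenSSH_8.4p1"; do
        printf '%s => %s\n' "$s" "$(classify_openssh "$s")"
    done
fi
```

Note that `ssh -V` reports the client version; the server banner or the installed sshd package version is the value that matters for this vulnerability.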