regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387) (www.qualys.com)
from thomask@lemmy.sdf.org to cybersecurity@sh.itjust.works on 01 Jul 2024 09:46
https://lemmy.sdf.org/post/18953398

The following summary from Debian’s security list:

The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within LoginGraceTime seconds (120 by default), then sshd’s SIGALRM handler is called asynchronously and calls various functions that are not async-signal-safe. A remote unauthenticated attacker can take advantage of this flaw to execute arbitrary code with root privileges. This flaw affects sshd in its default configuration.

#cybersecurity


cron@feddit.org on 01 Jul 2024 10:40

That looks horrible.

qprimed@lemmy.ml on 01 Jul 2024 15:47

indeed, but your SSH ports should not be hanging out in the wind for any old IP to hit.

cron@feddit.org on 01 Jul 2024 16:11

openssh is typically quite robust, this is a rare exception

onlinepersona@programming.dev on 01 Jul 2024 11:03

On June 6, 2024, this signal handler race condition was fixed by commit 81c1099 (“Add a facility to sshd(8) to penalise particular problematic client behaviours”), which moved the async-signal-unsafe code from sshd’s SIGALRM handler to sshd’s listener process, where it can be handled synchronously:

github.com/…/81c1099d22b81ebfd20a334ce986c4f753b0…

Because this fix is part of a large commit (81c1099), on top of an even larger defense-in-depth commit (03e3de4, “Start the process of splitting sshd into separate binaries”), it might prove difficult to backport.

Oh shit, now squash on merge folks can claim “defense-in-depth”.

Always makes me think of this comic by geek and poke

<img alt="" src="https://blog.mergify.com/content/images/2023/08/image-8.png">

Anti Commercial-AI license

infeeeee@lemm.ee on 01 Jul 2024 12:52

It says 4.4 to 8.4 versions are not vulnerable. A lot of old distro releases are on these versions; Debian 10, 11 and Ubuntu 20.04 LTS are not affected: pkgs.org/download/openssh-server