Gregory's Server#regreSSHion: Remote Unauthenticated Code Execution #Vulnerability in OpenSSH server
This one is for my sysadmins out there... or really, anyone who runs/manages a server with sshd facing the internet.
"The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration."
Long story short: successful exploitation could lead to full system compromise.
This affects OpenSSH versions older than 4.4p1 and versions _between_ 8.5p1 and 9.8p1.
Note that some #Linux distros (current versions of RHEL 7 and RHEL 8) are unaffected. Most distros have updates available. Update ASAP.
If updating is not possible, you can set set LoginGraceTime in /etc/ssh/sshd_config to 0. This comes with the risk of making the sshd server vulnerable to denial of service.
#openssh #ssh #security #cve #cybersecurity #infosec
regreSSHion is tracked as CVE-2024-6387.
inb4 update, RCE, or DoS