OpenSSH 9.8 Fixes Critical sshd Vulnerability
Quoting: OpenSSH 9.8 Fixes Critical sshd Vulnerability —
Today, the OpenSSH project announced the release of OpenSSH 9.8, available for download on its official mirrors. This release patched a critical issue (CVE-2024-6387) found in Portable OpenSSH versions 8.5p1 to 9.7p1.
The vulnerability, potentially allowing arbitrary code execution with root privileges, particularly affected 32-bit Linux systems with ASLR.
Although the exploit has not been demonstrated on 64-bit systems, the possibility remains, heightening the risk for systems without effective address space layout randomization (ASLR).
Update
A couple more:
- SSH "regreSSHion" Remote Code Execution Vulnerability in OpenSSH (Mon, Jul 1st)
- Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack
Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387.
More here. (CVE-2006-5051 and CVE-2024-6387 Patched in OpenSSH)
More here:
- Pre-auth RCE to root in OpenSSH server: 700,000 instances exposed
A critical vulnerability in certain versions of the OpenSSH server can be exploited remotely by an unauthenticated attacker to gain root.
The race condition vulnerability, allocated CVE-2024-6387 and affecting most Glibc-based Linux versions, was identified and reported by Qualys.
A technical write-up of the bug, dubbed "regreSSHion", is here.
A couple more:
- 'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems
Researchers at the Qualys Threat Research Unit (TRU) have unearthed a critical security flaw in OpenSSH's server (sshd) in glibc-based Linux systems.
- 'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems
An unauthenticated remote code execution (RCE) vulnerability in the OpenSSH secure communications suite opens millions of Linux-based systems to takeover as root.
Dubbed "RegreSSHion" by researchers who discovered it at the Qualys Threat Research Unit (TRU), the bug (an 8.1 CVSS score) is more specifically a signal handler race condition in OpenSSH’s server (sshd). It affects glibc-based Linux systems running sshd in its default configuration; it may also exist in Mac and Windows environments (though exploitability for those hasn't been proven yet).
"This vulnerability, if exploited, could lead to full system compromise where an attacker can execute arbitrary code with the highest privileges, resulting in a complete system takeover, installation of malware, data manipulation, and the creation of backdoors for persistent access," read a TRU posting on July 1.
And 2 more again:
- New regreSSHion OpenSSH RCE bug gives root on Linux servers
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed "regreSSHion" gives root privileges on glibc-based Linux systems.
OpenSSH is a suite of networking utilities based on the Secure Shell (SSH) protocol. It is extensively used for secure remote login, remote server management and administration, and file transfers via SCP and SFTP.
- Critical OpenSSH vulnerability threatens millions of Linux systems
And another:
- New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.
The vulnerability, codenamed regreSSHion, has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client applications.
"The vulnerability, which is a signal handler race condition in OpenSSH's server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems," Bharat Jogi, senior director of the threat research unit at Qualys, said in a disclosure published today. "This race condition affects sshd in its default configuration."
One last item for today:
- OpenSSH Critical Vulnerability Exposes Millions of Linux Servers to Arbitrary Code Attacks
A critical vulnerability has been discovered in OpenSSH, a widely used implementation of the SSH protocol, which could potentially expose millions of Linux systems to arbitrary code execution attacks.
- PoC Exploit Published for Linux Kernel Privilege Escalation Flaw
A critical use-after-free vulnerability has been discovered in the Linux kernel’s netfilter subsystem.
This vulnerability could potentially allow local, unprivileged users with CAP_NET_ADMIN capability to escalate their privileges.
2 more today:
- ‘RegreSSHion’ bug raises alarms but experts question chances of widespread exploitation
While most experts said concerns about the bug were justified, others cast doubt on its severity.
Moore noted the exploits for the vulnerability appear to only be viable for a certain kind of Linux server, most of which are relegated to 15-year-old systems.
- Researchers uncover rare, difficult-to-exploit OpenSSH vulnerability
“Qualys came up with situations through which they were able to take a thing that may take weeks to a thing that could take hours, but it still relied upon an intentionally fragile environment for it to execute,” Arasaratnam said, noting that finding a bug in a program thought by many to be “rock solid” is impressive work.
OpenSSH noted that it took them eight hours of continuous connection before they were able to replicate a successful attack.
Two more:
- RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)
TL;DR The Qualys Threat Research Unit has found a high-severity vulnerability, filed under CVE-2024-6387, that affects OpenSSH (Open Secure Shell), a networking utility often used for remote server management [...]
- Over 14M servers may be vulnerable to OpenSSH's regreSSHion RCE flaw. Here's what you need to do
OpenSSH, the bedrock of secure GNU/Linux network access, has a nasty security flaw.
A couple more:
- “RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to give attackers complete control of Linux and Unix servers with no authentication required.
The vulnerability, tracked as CVE-2024-6387, allows unauthenticated remote code execution with root system rights on Linux systems that are based on glibc, an open source implementation of the C standard library. The vulnerability is the result of a code regression introduced in 2020 that reintroduced CVE-2006-5051, a vulnerability that was fixed in 2006. With thousands, if not millions, of vulnerable servers populating the Internet, this latest vulnerability could pose a significant risk.
- Latest OpenSSH Vulnerability Might Impact 14M Linux Systems
The vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006. A regression in this context means that a flaw, once fixed, has reappeared in a subsequent software release, typically due to changes or updates that inadvertently reintroduce the issue.
Last pair of links for now:
- Cybersecurity News: 14 million Linux systems threatened, critical patch for Juniper routers, millions impacted by Prudential breach
Researchers at Qualys have uncovered a critical vulnerability, “regreSSHion” (CVE-2024-6387), which some experts are comparing to the notorious Log4Shell in terms of potential severity. This flaw, with a CVSS score of 8.1, affects glibc-based Linux systems running sshd in its default configuration. Exploiting this vulnerability could allow attackers to completely take over systems, install malware, manipulate data, and create backdoors for persistent access. The vulnerability poses a severe threat, enabling unauthorized remote code execution with root privileges, leaving over 14 million servers potentially vulnerable.
- OpenSSH: An RCE run as Root puts 14 million instances on Linux at risk
A recent critical vulnerability in OpenSSH, identified as CVE-2024-6387, could allow unauthenticated remote code execution with root privileges on glibc-based Linux systems. This flaw resides in the server component of OpenSSH (sshd) and is due to a race condition in the signal handler. The vulnerability was reintroduced in October 2020 in OpenSSH version 8.5p1, partially fixing an 18-year-old problem (CVE-2006-5051).
One more:
- Linux Users Beware: New OpenSSH Vulnerability Could Lead to System Takeover
The new bug is a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (SSHD) in glibc-based Linux systems. The CVE assigned is CVE-2024-6387. It’s a signal handler race condition in OpenSSH’s server and affects SSHD’s default configuration.
This vulnerability allows unauthenticated remote code execution and poses significant security risks, allowing attackers to execute remote code without authentication on vulnerable servers.
It could result in a full system compromise, where attackers perform a complete system takeover, including creating a backdoor for ongoing access. Hackers could deploy further malware or use the compromised system to exploit and gain access to other vulnerable systems within an organization, bypassing firewalls, logging mechanisms, and other security to obscure their activities. This could lead to a significant data breach or leak, potentially exposing sensitive data.