OpenSSH has a critical bug and it affects almost everyone: fix it as soon as possible

We are reporting on an important vulnerability affecting OpenSSH. It allows an attacker to execute code as root. It is a critical flaw, so it is essential to fix it as soon as possible. Luckily, patches have already been released so that users can implement them. We are going to tell you everything you need to know to avoid security problems that compromise your devices.

The vulnerability is called regreSSHion and has been registered under the identifier CVE-2024-6387. It is present in the OpenSSH server component, also known as sshd, which listens for connections from client applications. It is a problem that can affect a large number of users.

Serious vulnerability in OpenSSH

According to reports, there are at least 14 million OpenSSH servers that could be affected by this vulnerability. It is a flaw that derives from a vulnerability that was already corrected a few years ago and was registered as CVE-2006-5051. That specific flaw was present for almost two decades until it was patched in 2020.

The new vulnerability affects Linux systems. It allows an attacker to perform remote code execution. It may affect versions between 8.5p1 and 9.7p1. Additionally, versions prior to 4.4p1 are also vulnerable to the bug unless they are patched for CVE-2006-5051 and CVE-2008-4109.
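
A quick triage check for the version ranges given above, as an added example that is not from the original article, OpenSSH or Qualys: the function names and the sample banner strings are constructed for illustration, and the comparison uses only the major.minor number. Distributions often backport fixes without changing the upstream version string, so a match means "check the vendor advisory", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added example: classify an OpenSSH version string against the ranges the
# article gives for CVE-2024-6387. Function names are hypothetical.

# Print "MAJOR MINOR" for text such as "OpenSSH_9.6p1 Ubuntu-3ubuntu13"
# (the format printed by `ssh -V 2>&1` or sent in the SSH protocol banner).
parse_openssh_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' |
        head -n 1
}

# Print one of: affected-range, legacy-check-patches,
# outside-listed-ranges, unknown.
classify_openssh() {
    ver=$(parse_openssh_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"            # not an OpenSSH version string
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    n=$((major * 100 + minor))    # 8.5 -> 805, 9.7 -> 907, 4.4 -> 404
    if [ "$n" -ge 805 ] && [ "$n" -le 907 ]; then
        echo "affected-range"         # between 8.5p1 and 9.7p1
    elif [ "$n" -lt 404 ]; then
        # prior to 4.4p1: vulnerable unless patched for
        # CVE-2006-5051 and CVE-2008-4109
        echo "legacy-check-patches"
    else
        echo "outside-listed-ranges"
    fi
}

# Constructed sample banners, one per line; replace with real inventory data.
samples='SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
OpenSSH_8.4p1
OpenSSH_4.3p2
OpenSSH_9.8p1'

printf '%s\n' "$samples" | while IFS= read -r banner; do
    printf '%-45s %s\n' "$banner" "$(classify_openssh "$banner")"
done
```
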

Although it is not confirmed, security researchers at Qualys believe that this issue could also affect Windows and macOS systems. However, they are conducting research to confirm this issue.

When an attacker manages to exploit this flaw, they could compromise the system and take full control of it. This includes executing remote code with maximum privileges, bypassing security mechanisms, stealing data or maintaining access over time without the victim being able to do anything to prevent it.

Solve the problem

As is usually the case with flaws like this, fixing the problem means updating. It is important that you update the software to the latest version, as this fixes this serious flaw. The Qualys website explains everything you need to know about the patches.

Beyond updating to the latest available versions, which can help fix bugs of this type and others that may exist, they also advise limiting SSH access through network-based controls and applying network segmentation. This allows you to restrict unauthorized access, so a hypothetical attacker would not be able to gain access.

It is common that, after detecting a vulnerability of this type, the developers themselves release the updates that are necessary to correct this problem. It is something that can affect operating systems, applications or any service you use, regardless of what type of device you use. From RedesZone, we always recommend installing all the patches and thus having the equipment protected. Of course, it is key to do it from official sources and not make mistakes.

In short, a critical security flaw affects OpenSSH. It is a vulnerability that derives from another one that was already corrected a few years ago, but which is present again. Acting as soon as possible is essential to avoid problems. You can always configure your OpenSSH server on Linux with complete security.
