What is Nostr?
Larvitz :fedora: :redhat: /
npub1fj6…aq90
2024-07-01 14:03:12

Larvitz :fedora: :redhat: on Nostr: Short summary of the #regreSSHion vulnerability (CVE-2024-6387) It's an ...

Short summary of the #regreSSHion vulnerability (CVE-2024-6387)

It's an unauthenticated remote code execution that works without user interaction. Therefore a rather high security risk for systems running #openssh.

Affected versions (AFAIK):

Any version older than 4.4p1 and 8.5p1 until 9.8. The first upstream version, containing a fix is 9.8p1. But since distributions often backport security fixes to older versions, a deeper look is necessary.

Short summary for bigger distributions:

Debian: Stable, testing and sid are affected. A patch for stable has been released. (https://security-tracker.debian.org/tracker/CVE-2024-6387)

Ubuntu: 22.04, 23.10 and 23.04 are affected. A patch for them has been released. (https://ubuntu.com/security/notices/USN-6859-1)

Red Hat: RHEL version 6-8 are not affected. RHEL9 is and by now, there isn't a patch available https://access.redhat.com/security/cve/CVE-2024-6387)

#linux #openssh #CVE-2024-6387 #RCE #security #distributions
Author Public Key
npub1fj6u59lnses9xu6xa6ewugrfg2e639lg32r24383525xq3deyuaspjaq90